← Back

CVE-2024-5861

nvd nist
Published: Jul 24, 2024Modified: Jun 17, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Exploitability: 3.9 / Impact: 2.5
Source: NVD

Description

The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpep_square_disconnect() function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect square.

Affected (1)

1 product
Wp Easypay
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Before 4.2.4

Timeline

No history available yet.