CVE-2024-7894

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
07/12/2024
Last modified:
07/12/2024

Description

The If Menu plugin for WordPress is vulnerable to unauthorized modification of the plugin's license key due to a missing capability check on the 'actions' function in versions up to, and including, 0.19.1. This makes it possible for unauthenticated attackers to modify delete or modify the license key.