CVE-2024-31358
published 2024-04-10CVE-2024-31358: Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a…
PriorityP276high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.58%
43.5th percentile
Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a through <= 1.2.67.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| saleswonder_team_tobias | 5_stars_rating_funnel | <= 1.2.67 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3jvg-6v8m-chpp: Missing Authorization vulnerability in Saleswonder
ghsa_unreviewed·2024-04-10
CVE-2024-31358 [HIGH] CWE-862 GHSA-3jvg-6v8m-chpp: Missing Authorization vulnerability in Saleswonder
Missing Authorization vulnerability in Saleswonder.Biz 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67.
VulnCheck
WordPress 5 Stars Rating Funnel Plugin Arbitrary Content Deletion
vulncheck·2024
CVE-2024-31358 WordPress 5 Stars Rating Funnel Plugin Arbitrary Content Deletion
WordPress 5 Stars Rating Funnel Plugin Arbitrary Content Deletion
Missing Authorization vulnerability in Saleswonder.Biz 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67.
Affected: Saleswonder.biz 5 Stars Rating Funnel
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/wordpress/plugin/5-stars-rating-funnel/vulnerability/wordpress-5-stars-rating-funnel-plugin-1-2-67-arbitrary-content-deletion-vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://patchstack.com/database/Wordpress/Plugin/5-stars-rating-funnel/vulnerability/wordpress-5-stars-rating-funnel-plugin-1-2-67-arbitrary-content-deletion-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/5-stars-rating-funnel/wordpress-5-stars-rating-funnel-plugin-1-2-67-arbitrary-content-deletion-vulnerability?_s_id=cve
2024-04-10
Published
Exploited in the wild