CVE-2024-32507
published 2024-05-17CVE-2024-32507: Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from…
PriorityP274high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.46%
36.6th percentile
Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.7.16.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hamid_alinia | login_with_phone_number | <= 1.7.16 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hwvm-hrp8-hmq8: Improper Privilege Management vulnerability in Hamid Alinia – idehweb Login with phone number allows Privilege Escalation
ghsa_unreviewed·2024-05-17
CVE-2024-32507 [HIGH] CWE-266 GHSA-hwvm-hrp8-hmq8: Improper Privilege Management vulnerability in Hamid Alinia – idehweb Login with phone number allows Privilege Escalation
Improper Privilege Management vulnerability in Hamid Alinia – idehweb Login with phone number allows Privilege Escalation.This issue affects Login with phone number: from n/a through 1.7.16.
VulnCheck
Hamid Alinia - idehweb Login With Phone Number Privilege Escalation
vulncheck·2024
CVE-2024-32507 Hamid Alinia - idehweb Login With Phone Number Privilege Escalation
Hamid Alinia - idehweb Login With Phone Number Privilege Escalation
Improper Privilege Management vulnerability in Hamid Alinia - idehweb Login with phone number allows Privilege Escalation.This issue affects Login with phone number: from n/a through 1.7.16.
Affected: Hamid Alinia idehweb Login With Phone Number
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/wordpress/plugin/login-with-phone-number/vulnerability/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://patchstack.com/database/Wordpress/Plugin/login-with-phone-number/vulnerability/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/login-with-phone-number/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability?_s_id=cve
2024-05-17
Published
Exploited in the wild