CVE-2024-50477
published 2024-10-28

CVE-2024-50477: Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication…

Priority: P271 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit likelihood (EPSS): 7.96% (94.0th percentile)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass. This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.

Affected (2 ranges)

Vendor         Product                     Version range   Fixed in
stacks         stacks_mobile_app_builder   <= 5.2.3        -
stacksmarket   stacks_mobile_app_builder   <= 5.2.3        -

Detection & IOCs (extracted from sources)

url:  /?mobile_co=1&uid=1
path: /wp-content/plugins/stacks-mobile-app-builder/readme.txt
  • Detect exploitation attempts by monitoring HTTP requests that carry both the 'mobile_co=1' and 'uid=' query parameters; this combination is what triggers the authentication bypass and lets a request impersonate an arbitrary WordPress user.
  • Presence of the plugin path /wp-content/plugins/stacks-mobile-app-builder/ on a host confirms the vulnerable software is installed; version confirmation via readme.txt is what active scanners use.
  • Successful exploitation results in a 200 response to /wp-admin/index.php whose body contains 'Dashboard', 'Plugins' and 'Edit Profile'; use these strings as post-exploitation indicators in WAF/SIEM alerting.
  • The bypass is triggered purely via unauthenticated GET query parameters (no credentials required), so no prior access or brute-forcing is needed: any unauthenticated request with mobile_co=1&uid=<N> is sufficient to obtain a session cookie for user N.
  • The uid parameter is arbitrary; attackers are not limited to uid=1 (admin), and any valid WordPress user ID can be targeted, enabling full account takeover across all user roles.
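The detection logic the bullets above describe, as an added example that is not part of this CVE record or the plugin vendor's code: it parses Combined Log Format access-log lines, flags requests carrying both bypass indicators, and marks a hit as likely successful when the same client later gets a 200 from /wp-admin/index.php. The log lines, addresses and timestamps are constructed.

```python
# Added example: flag access-log lines matching the CVE-2024-50477 bypass pattern.
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log (Combined Log Format); IPs, times and sizes are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Oct/2024:10:01:02 +0000] "GET /?mobile_co=1&uid=1 HTTP/1.1" 302 0 "-" "curl/8.0"
203.0.113.7 - - [28/Oct/2024:10:01:03 +0000] "GET /wp-admin/index.php HTTP/1.1" 200 51234 "-" "curl/8.0"
198.51.100.2 - - [28/Oct/2024:10:02:10 +0000] "GET /?p=42 HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Oct/2024:10:03:00 +0000] "GET /?uid=7&mobile_co=1 HTTP/1.1" 302 0 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def is_bypass_request(target):
    """True when the request carries both indicators: mobile_co=1 and a uid value.
    Parameter order does not matter, which is why the query string is parsed."""
    qs = parse_qs(urlsplit(target).query)
    return "1" in qs.get("mobile_co", []) and bool(qs.get("uid"))

def find_bypass_attempts(log_text):
    """Return (client_ip, targeted_uid, later_admin_200) for each bypass request."""
    entries = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    hits = []
    for i, e in enumerate(entries):
        if not is_bypass_request(e["target"]):
            continue
        uid = parse_qs(urlsplit(e["target"]).query)["uid"][0]
        # A subsequent 200 to /wp-admin/index.php from the same client is the
        # post-exploitation indicator listed in the IOCs above.
        admin_ok = any(
            f["ip"] == e["ip"]
            and f["target"].startswith("/wp-admin/index.php")
            and f["status"] == "200"
            for f in entries[i + 1:]
        )
        hits.append((e["ip"], uid, admin_ok))
    return hits

if __name__ == "__main__":
    for ip, uid, confirmed in find_bypass_attempts(SAMPLE_LOG):
        print(f"bypass attempt from {ip} for uid={uid}; admin access seen: {confirmed}")
```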