What is CVE-2024-11024?

CVE-2024-11024 is a critical-severity vulnerability in Scottopolis Apppresser – Mobile App Framework, classified under CWE-230. CVSS score: 9.8/10. Published 2024-11-26.

How severe is CVE-2024-11024?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Scottopolis Apppresser – Mobile App Framework

CVE-2024-11024

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.6. This is due to the plugin not properly validating a user's password reset co…

EPSS: 0.004 (60.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Scottopolis Apppresser – Mobile App Framework — versions 0

Weakness classification (CWE)

CWE-230

References

www.wordfence.com/threat-intel/vulnerabilities/id/43cb0399-4add-43d5-863c-30e11…
plugins.trac.wordpress.org/changeset/3192531/apppresser

Frequently asked questions

What is CVE-2024-11024?: CVE-2024-11024 is a critical-severity vulnerability in Scottopolis Apppresser – Mobile App Framework, classified under CWE-230. CVSS score: 9.8/10. Published 2024-11-26.
How severe is CVE-2024-11024?: Critical severity. CVSS v3 base score is 9.8 out of 10.