How severe is CVE-2024-1042?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2024-1042?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2024-1042 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

The WP Radio – Worldwide Online Radio Stations Directory for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 3.1.9. This makes it possible for authenticated attackers, with subscriber access and above, to import radio stations, remove countries, and modify the plugin's settings, which can lead to Cross-Site Scripting, tracked separately in CVE-2024-1041.

Related Vulnerabilities

CVE-2019-3886

MEDIUM

CVSS:5.4(Medium)

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing un...

CWE-8622019

CVE-2019-4158

MEDIUM

CVSS:5.4(Medium)

IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. IBM X-Force ID: 1585...

CWE-8622019

CVE-2020-14213

MEDIUM

CVSS:5.4(Medium)

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge).

CWE-8622020

CVE-2020-2204

MEDIUM

CVSS:5.4(Medium)

A missing permission check in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to the globally configured Fortify on Demand endpoint using at...

CWE-8622020

CVE-2020-6199

MEDIUM

CVSS:5.4(Medium)

The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, ...

CWE-8622020

CVE-2020-6212

MEDIUM

CVSS:5.4(Medium)

Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not...

CWE-8622020