Severity
High
Analysis Summary
CVE-2024-56204 CVSS:8.8
Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Sinking Dropdowns allows Privilege Escalation. This issue affects Sinking Dropdowns: from n/a through 1.25.
CVE-2024-56203 CVSS:8.8
Cross-Site Request Forgery (CSRF) vulnerability in George Holmes II Wayne Audio Player allows Privilege Escalation. This issue affects Wayne Audio Player: from n/a through 1.0.
CVE-2024-56066 CVSS:9.8
Missing Authorization vulnerability in the Inspry Agency Toolkit allows Privilege Escalation. This issue affects the Agency Toolkit: from n/a through 1.0.23.
CVE-2024-56061 CVSS:8.8
Missing Authorization vulnerability in Webful Creations Computer Repair Shop allows Privilege Escalation. This issue affects Computer Repair Shop: from n/a through 3.8119.
Impact
- Privilege Escalation
- Gain Access
Indicators of Compromise
CVE
CVE-2024-56204
CVE-2024-56203
CVE-2024-56066
CVE-2024-56061
Affected Vendors
- WordPress
Affected Products
- Yonatan Reinberg of Social Ink Sinking Dropdowns - n/a
- George Holmes II Wayne Audio Player - n/a
- Inspry Agency Toolkit - n/a
- Webful Creations Computer Repair Shop - n/a
Remediation
Upgrade to the latest version of the WordPress plugin, available from the WordPress Plugin Directory.