Vulnerabilities > CVE-2024-34821 - Missing Authorization vulnerability in Contactlistpro Contact List 2.9.87

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

contactlistpro

CWE-862

NVD

Published: 2024-06-11

Updated: 2024-08-07

Summary

Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin.This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through 2.9.87.

Vulnerable Configurations

Part	Description	Count
Application	Contactlistpro Contactlistpro Contact List - Contactlistpro Contact List 2.9.87	2

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/vulnerability/contact-list/wordpress-contact-list-plugin-2-9-87-broken-access-control-vulnerability?_s_id=cve