Vulnerabilities > CVE-2024-38749 - Unspecified vulnerability in Olivethemes Olive ONE Click Demo Import

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

olivethemes

NVD

Published: 2024-08-13

Updated: 2025-05-27

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2.

Vulnerable Configurations

Part	Description	Count
Application	Olivethemes Olivethemes Olive ONE Click Demo Import - Olivethemes Olive ONE Click Demo Import 1.0.3 Olivethemes Olive ONE Click Demo Import 1.0.4 Olivethemes Olive ONE Click Demo Import 1.0.5 Olivethemes Olive ONE Click Demo Import 1.0.6 Olivethemes Olive ONE Click Demo Import 1.0.7 Olivethemes Olive ONE Click Demo Import 1.0.8 Olivethemes Olive ONE Click Demo Import 1.0.9 Olivethemes Olive ONE Click Demo Import 1.1.0 Olivethemes Olive ONE Click Demo Import 1.1.1 Olivethemes Olive ONE Click Demo Import 1.1.2	11

References

https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-2-sensitive-data-exposure-vulnerability?_s_id=cve