cve/CVE-2024-8682.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.1 KiB

Raw Permalink Blame History

CVE-2024-8682

Description

The JNews - WordPress Newspaper Magazine Blog AMP Theme theme for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 11.6.6. This is due to the plugin not properly validate if the user can register option is enabled prior to creating a user though the register_handler() function. This makes it possible for unauthenticated attackers to register as a user even when user registration is disabled.

POC

Reference

No PoCs from references.

Github

https://github.com/4minx/CVE-2024-8682
https://github.com/PuddinCat/GithubRepoSpider
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub

1.1 KiB Raw Permalink Blame History

CVE-2024-8682

Description

POC

Reference

Github

1.1 KiB

Raw Permalink Blame History