Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-xdby-44hp-tfay
SummaryThe Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it possible for unauthenticated attackers to create or modify existing Master Addons templates or make settings modifications related to these templates.
Aliases
0
alias CVE-2024-5382
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5382
reference_id
reference_type
scores
0
value 0.00238
scoring_system epss
scoring_elements 0.47111
published_at 2026-06-11T12:55:00Z
1
value 0.00238
scoring_system epss
scoring_elements 0.47251
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5382
1
reference_url https://www.wordfence.com/threat-intel/vulnerabilities/id/e3820f80-9b80-4672-b2ff-3864793d2de2?source=cve
reference_id e3820f80-9b80-4672-b2ff-3864793d2de2?source=cve
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-07T14:28:43Z/
url https://www.wordfence.com/threat-intel/vulnerabilities/id/e3820f80-9b80-4672-b2ff-3864793d2de2?source=cve
2
reference_url https://plugins.trac.wordpress.org/changeset/3096299/master-addons
reference_id master-addons
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-07T14:28:43Z/
url https://plugins.trac.wordpress.org/changeset/3096299/master-addons
Weaknesses
0
cwe_id 862
name Missing Authorization
description The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Exploits
Severity_range_score6.5 - 6.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-xdby-44hp-tfay