[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2DxNV-q4VOAZZ4WcZWfRx8-12pNxTNv-PjQzHnRdxvc":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-2505","gamipress-broken-access-control","GamiPress \u003C= 6.8.8 - Broken Access Control","The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to broken access control in all versions up to, and including, 6.8.8. This is due to the plugin not properly restricting specific actions to authorized users. This makes it possible for authentication attackers, with author-level access and above, to to modify the plugins settings.","gamipress",null,"\u003C=6.8.8","6.8.9","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Access Control","2024-04-08 00:00:00","2024-05-07 12:32:45",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3ba1100e-8669-4105-b8d7-27c0b81c0856?source=api-prod",30]