Medium severity5.3NVD Advisory· Published Feb 19, 2025· Updated Apr 8, 2026

CVE-2024-13364

Description

The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the site_ads_files_reset() and cls_file_reset() functions in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to reset the ad and cls files.

Affected products

Raptive/Raptive Ads
cpe:2.3:a:raptive:raptive_ads:*:*:*:*:*:wordpress:*:*
Range: <=3.6.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.wordfence.com/threat-intel/vulnerabilities/id/7a08d857-c8be-4ba8-b9fb-eed222a8cd8cnvdThird Party Advisory
wordpress.org/plugins/adthrive-ads/nvdProduct
plugins.trac.wordpress.org/changeset/3244125/nvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000