Medium severity5.4NVD Advisory· Published May 14, 2024· Updated Apr 15, 2026
CVE-2024-3722
CVE-2024-3722
Description
The Swift Performance Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajax_handler() function in all versions up to, and including, 2.3.6.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve and modify settings.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.3.6.18+ 1 more
- (no CPE)range: <=2.3.6.18
- (no CPE)range: <=2.3.6.18
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.