Unrated severityNVD Advisory· Published Jun 28, 2024· Updated Aug 27, 2025

Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update

CVE-2024-5570

Description

The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Simple Photoswipecpe-rescue2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)
Simple Photoswipe/Simple Photoswipellm-create
Range: <=0.1

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/49b3a8cb-f606-4cf7-80ec-bfdafd74e848/mitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000