VYPR

Croma Music

by WordPress

CVEs (1)

  • CVE-2024-12202HigJan 7, 2025
    risk 0.57cvss 8.8epss 0.01

    The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusic_ajax' function in all versions up to, and including, 3.6. This makes it possible for authenticated…