← back
CVE-2024-50477

WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Account Takeover vulnerability

CVSS 9.8 CRITICALEPSS 8.0%CWE-288
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Stacks · Stacks Mobile App Builder
public PoCs found2
githubgithub.com/RandomRobbieBF/CVE-2024-504770exploitdbwww.exploit-db.com/exploits/52357unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/Wordpress/Plugin/stacks-mobile-app-builder/vulnerability/wordpress-stacks-mobile-app-builder-plugin-5-2-3-account-takeover-vulnerability?_s_id=cve