CVE-2024-33686

Broken Access Control vulnerability affecting multiple WordPress themes by Extend Themes

Description

Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice.This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a through 1.0.8; Althea WP: from n/a through 1.0.13; Elevate WP: from n/a through 1.0.15; Brite: from n/a through 1.0.11; Colibri WP: from n/a through 1.0.94; Vertice: from n/a through 1.0.7.

INFO

Published Date :

2024-04-29T05:56:41.838Z

Last Modified :

2026-04-28T16:09:45.151Z

Source :

Patchstack

AFFECTED PRODUCTS

The following products are affected by CVE-2024-33686 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-33686.

URL	Resource
https://patchstack.com/database/vulnerability/althea-wp/wordpress-althea-wp-theme-1-0-13-broken-access-control-vulnerability
https://patchstack.com/database/vulnerability/brite/wordpress-brite-theme-1-0-11-broken-access-control-vulnerability
https://patchstack.com/database/vulnerability/colibri-wp/wordpress-colibri-wp-theme-1-0-94-broken-access-control-vulnerability
https://patchstack.com/database/vulnerability/elevate-wp/wordpress-elevate-wp-theme-1-0-15-broken-access-control-vulnerability
https://patchstack.com/database/vulnerability/hugo-wp/wordpress-hugo-wp-theme-1-0-8-broken-access-control-vulnerability
https://patchstack.com/database/vulnerability/pathway/wordpress-pathway-theme-1-0-15-cross-site-request-forgery-csrf-vulnerability
https://patchstack.com/database/vulnerability/vertice/wordpress-vertice-theme-1-0-7-broken-access-control-vulnerability

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact