CVE-2024-38690

WordPress iPanorama 360 plugin <= 1.8.3 - Broken Access Control vulnerability

Description

Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress Virtual Tour Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iPanorama 360 WordPress Virtual Tour Builder: from n/a through 1.8.3.

INFO

Published Date :

2024-11-01T14:18:09.345Z

Last Modified :

2024-11-01T18:28:26.844Z

Source :

Patchstack

AFFECTED PRODUCTS

The following products are affected by CVE-2024-38690 vulnerability.

Vendors	Products
Ipanorama 360 Wordpress Virtual Tour Builder Project	Ipanorama 360 Wordpress Virtual Tour Builder

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-38690.

URL	Resource
https://patchstack.com/database/vulnerability/ipanorama-360-virtual-tour-builder-lite/wordpress-ipanorama-360-plugin-1-8-3-broken-access-control-vulnerability?_s_id=cve

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact