CVE-2024-33686
Published: Apr 29, 2024
Modified: Apr 28, 2026
CVSS v3.1
4.3
Description
Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice.This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a through 1.0.8; Althea WP: from n/a through 1.0.13; Elevate WP: from n/a through 1.0.15; Brite: from n/a through 1.0.11; Colibri WP: from n/a through 1.0.94; Vertice: from n/a through 1.0.7.
| Vendor | Product | Versions |
|---|---|---|
Extend Themes | Pathway | affected n/a - <= 1.0.15 |
Extend Themes | Hugo WP | affected n/a - <= 1.0.8 |
Extend Themes | Althea WP | affected n/a - <= 1.0.13 |
Extend Themes | Elevate WP | affected n/a - <= 1.0.15 |
Extend Themes | Brite | affected n/a - <= 1.0.11 |
Extend Themes | Colibri WP | affected n/a - <= 1.0.94 |
Extend Themes | Vertice | affected n/a - <= 1.0.7 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now