CVE-2024-38719

MEDIUM

Creative Motion Auto Featured Image <4.1.2 - RCE

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.1.2.

Scores

CVSS v3 4.3
EPSS 0.0036
EPSS Percentile 28.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
Creative Motion/Auto Featured Image (Auto Post Thumbnail) < 4.1.2
Published Nov 01, 2024
Tracked Since Feb 18, 2026