CVE-2024-37517
WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerabilityMissing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.13.7.
We have discovered 9,650 live websites that are affected by CVE-2024-37517.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Domains | 9,650 live websites (17.03% of Spectra install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 147 versions ( 86.98% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Nov 1, 2024
- Updated - Nov 4, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2024-37517 usage by Country
 United States | 3,631 websites |
 Germany | 1,161 websites |
 France | 725 websites |
 Cyprus | 496 websites |
 GB | 313 websites |
 Poland | 302 websites |
 Spain | 282 websites |
 Netherlands | 190 websites |
 Russia | 178 websites |
 Italy | 141 websites |
CVE-2024-37517 usage by TLD
| .com | 4,402 websites |
| .de | 525 websites |
| .org | 498 websites |
| .fr | 274 websites |
| .net | 257 websites |
| .pl | 241 websites |
| .co.uk | 219 websites |
| .nl | 193 websites |
| .com.br | 187 websites |
| .es | 170 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-37517
Top websites that are affected by CVE-2024-37517. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ********.com | United States | **,*** | |
| *************.com | United States | **,*** | |
| ***************.com | United States | **,*** | |
| ******.****.fr | France | **,*** | |
| *********.net | United States | **,*** | |
| ***.com | United States | **,*** | |
| ************.com | United States | **,*** | |
| ******************.com | United States | **,*** | |
| ******************.com | United States | ***,*** | |
| *********.com | United States | ***,*** |
FAQ
CVE-2024-37517 is Missing Authorization in Spectra
A total of 9,650 websites have been identified as vulnerable to CVE-2024-37517, discovered through global website indexing conducted by WebTechSurvey.
Spectra is susceptible to CVE-2024-37517 vulnerability.
Spectra versions before, and including, 2.13.7 are vulnerable to CVE-2024-37517.