CVE-2024-38777

WordPress Titan Anti-spam & Security plugin <= 7.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in CreativeMotion Titan Anti-spam & Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Titan Anti-spam & Security: from n/a through 7.3.6.


We have discovered 8,990 live websites that are affected by CVE-2024-38777.

Run a Free Instant Scan




Affected Software

Product  Anti-spam for WordPress
Category Anti SPAM
Vulnerable Domains8,990 live websites (62% of Anti-spam for WordPress install base)
Vulnerable Versions
  • from 0 through 7.3.6
Vulnerable Versions Count34 versions ( 92% of all versions)


Common Weakness Enumeration

CWE-862 Missing Authorization



Details

  • Published - Nov 1, 2024
  • Updated - Apr 28, 2026

Credits

  • Joshua Chan (Patchstack Alliance) (finder)

Website Distribution by Country

Number of websites using CVE-2024-38777
United States3,191 websites



Poland841 websites
Germany574 websites
Czech Republic427 websites
Italy424 websites
France411 websites
GB408 websites
Spain371 websites
Russia251 websites
Canada201 websites

Website Distribution by TLD

Number of websites using CVE-2024-38777
.com4,260 websites
.pl770 websites
.org381 websites
.cz356 websites
.net264 websites
.it245 websites
.ru215 websites
.co.uk190 websites
.de180 websites
.fr170 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2024-38777

Top websites that are affected by CVE-2024-38777. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.*************.com United States**,***
**************.com United States**,***
*******.***************.com United States**,***
*************.com United States**,***
******.com United States**,***
*************.***************.com United States**,***
*************.net United States***,***
****.org United States***,***
*********.***.br Brazil***,***
**********.co Cyprus***,***
See full domain list

FAQ

CVE-2024-38777 is Missing Authorization in Anti-spam for WordPress
A total of 8,990 websites have been identified as vulnerable to CVE-2024-38777, based on global website indexing conducted by WebTechSurvey.
The Anti-spam for WordPress is affected by the CVE-2024-38777 vulnerability.
Anti-spam for WordPress versions up to and including 7.3.6 are vulnerable to CVE-2024-38777.