What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.
Explanation of Vulnerability in Simple Terms
wProject versions before 5.8.0 contain an insufficient privilege validation flaw that allows authenticated users with low-level access to read, modify, or delete sensitive data and disrupt site operations. The vulnerability requires a valid user account but no special interaction. Administrators should update to version 5.8.0 or later immediately.
What an attacker can do
Read, modify, or delete sensitive data; disrupt site availability.
Potential impact on your site
Any logged-in user can access or alter critical data and cause service disruption.
Conditions required to exploit
Valid user account with low-level privileges; network access to the site.
Key dates
External resources
Related vulnerabilities