CVE-2024-13449 | ibsofts Boom Fest Plugin up to 2.2.1 on WordPress Setting bf_admin_action authorization

CVE-2024-13449 | ibsofts Boom Fest Plugin up to 2.2.1 on WordPress Setting bf_admin_action authorization

A vulnerability was found in ibsofts Boom Fest Plugin up to 2.2.1 on WordPress. It has been classified as problematic. Affected is the function bf_admin_action of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2024-13449. It is possible to launch the attack remotely. There is no exploit available.