SpirityCVE

CVE-2024-54378 - WordPress Quietly Insights plugin <= 1.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Quietly Quietly Insights quietly-insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through <= 1.2.2.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

No data.

References

Link	Providers
https://www.spirityenterprise.com/virtual-ciso
https://patchstack.com/database/Wordpress/Plugin/quietly-insights/vulnerability/wordpress-quietly-insights-plugin-1-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve

History

Wed, 01 Apr 2026 23:45:00 +0000

Type	Values Removed	Values Added
Description	Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2.	Missing Authorization vulnerability in Quietly Quietly Insights quietly-insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through <= 1.2.2.
References	https://patchstack.com/database/wordpress/plugin/quietly-insights/vulnerability/wordpress-quietly-insights-plugin-1-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve	https://patchstack.com/database/Wordpress/Plugin/quietly-insights/vulnerability/wordpress-quietly-insights-plugin-1-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve
Metrics	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00479}`	epss `{'score': 0.0054}`

Mon, 16 Dec 2024 14:45:00 +0000

Type	Values Removed	Values Added
Description		Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2.
Title		WordPress Quietly Insights plugin <= 1.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Weaknesses		CWE-862
References		https://patchstack.com/database/wordpress/plugin/quietly-insights/vulnerability/wordpress-quietly-insights-plugin-1-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-12-16T14:31:30.381Z

Updated: 2026-04-01T15:39:56.775Z

Reserved: 2024-12-02T12:05:43.082Z

Link: CVE-2024-54378

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2024-12-16T15:15:11.740

Modified: 2026-04-01T16:21:10.653

Link: CVE-2024-54378

Redhat

No data.

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object