Security Advisory

CVE-2024-38744

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-01 14:18:01

Last updated 2026-04-28 16:10:06

Assigner Patchstack

State PUBLISHED

Description

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0.

← Browse all CVEs View on cve.org ↗