cleantalk
Vulnerabilities and Security Researches

AMP for WP – Accelerated Mobile Pages, CVE-2024-1043

CVE, Research URL

CVE-2024-1043

Home page URL

Security reports for AMP for WP – Accelerated Mobile Pages

Application

AMP for WP – Accelerated Mobile Pages

Published on
Feb 29, 2024
Research Description
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'amppb_remove_saved_layout_data' function in all versions up to, and including, 1.0.93.1. This makes it possible for authenticated attackers, with contributor access and above, to delete arbitrary posts on the site.
Affected versions
Min -, max 1.0.93.2.
Status
vulnerable
Previous vulnerability researches
AMP for WP – Accelerated Mobile Pages (CVE-2024-0587) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2021-23150) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2021-23209) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2024-1043) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2023-48321) , Jun 07, 2024
New vulnerability
Themesflat Addons For Elementor (CVE-2025-3275) , Apr 20, 2025
WP Simple Booking Calendar (CVE-2025-39541) , Apr 20, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025