{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T18:55:37.833","vulnerabilities":[{"cve":{"id":"CVE-2024-38770","sourceIdentifier":"audit@patchstack.com","published":"2024-08-01T21:15:27.880","lastModified":"2026-06-17T07:41:01.810","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20."},{"lang":"es","value":" La vulnerabilidad de gestión de privilegios inadecuada en Revmakx Backup and Staging de WP Time Capsule permite la escalada de privilegios y la omisión de autenticación. Este problema afecta a Backup and Staging de WP Time Capsule: desde n/a hasta 1.22.20."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Revmakx","product":"Backup and Staging by WP Time Capsule","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"wp-time-capsule","versions":[{"version":"n/a","lessThanOrEqual":"1.22.20","versionType":"custom","status":"affected","changes":[{"at":"1.22.21","status":"unaffected"}]}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"revmakx","product":"backup_and_staging_by_wp_time_capsule","defaultStatus":"unknown","cpes":["cpe:2.3:a:revmakx:backup_and_staging_by_wp_time_capsule:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"1.22.20","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-07T18:18:20.795929Z","id":"CVE-2024-38770","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/wp-time-capsule/wordpress-backup-and-staging-by-wp-time-capsule-plugin-1-22-20-authentication-bypass-and-privilege-escalation-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}