CVE-2024-31342 is a CWE-862 Missing Authorization vulnerability in the WPcloudgallery WordPress Gallery Exporter plugin, affecting versions up to 1.3. The issue allows an attacker with limited privileges to bypass authorization controls, potentially leading to unauthorized access to sensitive gallery export functionality. The vulnerability has a CVSS 3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N), indicating network attack vector, low attack complexity, requiring low privileges, no user interaction, unchanged scope, high confidentiality impact, and no impact on integrity or availability. No official patch or fix has been published by the vendor as of the latest data.

The vulnerability could allow an attacker with low privileges to access or export gallery data without proper authorization, leading to a high confidentiality impact. There is no reported impact on integrity or availability. No known exploits have been observed in the wild.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the plugin functionality to trusted users only and monitor for suspicious activity related to gallery exports. Avoid granting unnecessary privileges to users who do not require access to export features.