Tutor LMS Pro < 2.7.1 - Missing Authorization to Privilege Escalation
Description The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, wit...
XStore < 9.3.9 - Missing Authorization
Description The XStore theme for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 9.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...
XStore < 9.3.9 - Missing Authorization
Description The theme is vulnerable to unauthorized access due to a missing capability check on a function, allowing unauthenticated attackers to perform an unauthorized action...
Print Labels with Barcodes < 3.4.7 - Subscriber+ Settings/Profiles Update, Templates/Barcodes Access/Creation/Edition/Deletion
Description The plugin is vulnerable to unauthorized access of data, modification of data, and loss of data due to an improper capability check on 42 separate AJAX functions. This makes it possible for authenticated attackers, with subscriber access and above, to fully control the plugin which...
Mega Addons For Elementor < 1.9 - Missing Authorization
Description The plugin is vulnerable to unauthorized access due to a missing capability check on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action...
PeproDev Ultimate Invoice < 2.0.2 - Missing Authorisation
Description The plugin is vulnerable to unauthorized access due to a missing capability check on a function, allowing unauthenticated attackers to perform an unauthorized action...
VikBooking < 1.6.8 - Broken Access Control
Description The plugin's access control mechanism fails to properly restrict access to its settings, permitting any user who can access a menu to manipulate requests and perform unauthorized actions, such as editing, renaming or deleting categories, despite initial settings prohibitin...
Redirection < 1.2.0 - Subscriber+ Unauthorised Action Calls
Description The plugin is vulnerable to unauthorized access due to a missing capability check on several functions, allowing authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...
Clone < 2.4.4 - Subscriber+ Unauthorised Action Calls
Description The plugin is vulnerable to unauthorized access due to a missing capability check on several functions, allowing authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...
Responsive Lightbox < 2.4.7 - Information Disclosure
Description The plugin is vulnerable to unauthorized access due to a missing capability check on the galleryattributes function in versions up to, and including, 2.4.6. This makes it possible for authenticated attackers, with contributor-level access and above, to view post content they shouldn't...
GamiPress < 6.8.9 - Broken Access Control
Description The plugin's access control mechanism fails to properly restrict access to its settings, permitting Authors to manipulate requests and extend access to lower privileged users, like Subscribers, despite initial settings prohibiting such access. This vulnerability resembles broken acces...
Smart Forms < 2.6.94 - Subscriber+ Edit Entries via Broken Access Control
Description The plugin does not have proper authorization checks on some actions, which could allow users with a role as low as subscriber to call them and perform unauthorized actions. PoC: While logged in as a subscriber, paste the following in your browser's console: fetch('/wp-admin/admin-ajax.php', ...
Relevanssi < 4.22.1 - Unauthenticated Query Log Export
Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on the relevanssiexportlogcheck function, allowing unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper...
My Private Site < 3.1.0 - Improper Access Control to Sensitive Information Exposure via REST API
Description The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's site privacy feature and view restricted page and post...
ACF Photo Gallery Field < 2.7 - Missing Authorization
Description The plugin is vulnerable to unauthorized access of data, modification of data, or loss of data due to a missing capability check on an unknown function, allowing authenticated attackers, with subscriber access and above, to access the unprotected function...
Simple Page Access Restriction < 1.0.23 - Improper Access Control to Sensitive Information Exposure via REST API
Description The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's page restriction and view page content...
Happyforms < 1.25.11 - Missing Authorization
Description The plugin is vulnerable to unauthorized access due to a missing capability check, allowing unauthenticated attackers to perform unauthorized actions...
MultiVendorX Marketplace < 4.0.26 - Missing Authorization
Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check, allowing unauthenticated attackers to call a function that should be accessible to higher-privileged users only...
PilotPress < 2.0.31 - Subscriber+ Report Access & DB Transients Purging
Description The plugin is vulnerable to unauthorized access to data and loss of data due to a missing capability check on multiple AJAX functions, allowing authenticated attackers, with subscriber access and above, to view reports and purge database transients...
Load More Anything < 3.3.4 - Subscriber+ Settings Update
Description The plugin does not have an authorisation check when updating its settings, which could allow any authenticated user, such as a subscriber, to update them...
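Nearly every entry above is the same bug class: an admin-ajax.php or REST handler that acts on behalf of whoever calls it, with no check that the caller holds the capability the action requires. The following is an added example, not code from any of the plugins listed; the plugin prefix, action names, option key and capability are hypothetical. It puts the vulnerable handler beside the hardened one and shows the REST equivalent, where the capability check belongs in permission_callback:

```php
<?php
/*
 * Added example (not code from any plugin above). Names are hypothetical:
 * 'example_*' actions, the 'example_settings' option and the 'example/v1' route.
 */

// --- Vulnerable pattern -----------------------------------------------------
// Registering under both hooks exposes the handler to every logged-in role
// (wp_ajax_) and to unauthenticated visitors (wp_ajax_nopriv_). This is the
// "Subscriber+" / "unauthenticated" distinction in the titles above.
add_action( 'wp_ajax_example_save_settings',        'example_save_settings_vulnerable' );
add_action( 'wp_ajax_nopriv_example_save_settings', 'example_save_settings_vulnerable' );

function example_save_settings_vulnerable() {
    // No capability check and no nonce: anyone who knows the action name can
    // overwrite the plugin's settings (the "Settings Update" entries above).
    update_option( 'example_settings', wp_unslash( $_POST['settings'] ?? array() ) );
    wp_send_json_success();
}

// --- Hardened pattern -------------------------------------------------------
// wp_ajax_ only: WordPress rejects unauthenticated callers before the callback
// runs. Do not add wp_ajax_nopriv_ unless the action is meant to be public.
add_action( 'wp_ajax_example_save_settings_v2', 'example_save_settings_hardened' );

function example_save_settings_hardened() {
    // 1. Authorization: a specific capability for this action. Do not gate on
    //    'read' or is_user_logged_in(); every subscriber passes those.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 ); // exits
    }

    // 2. CSRF: the nonce ties the request to this user and this action. The
    //    client sends wp_create_nonce( 'example_save_settings' ) in 'nonce';
    //    check_ajax_referer() dies with -1 on mismatch. A nonce alone is not
    //    authorization, which is why step 1 comes first.
    check_ajax_referer( 'example_save_settings', 'nonce' );

    // 3. Validate and sanitize before persisting.
    $raw = ( isset( $_POST['settings'] ) && is_array( $_POST['settings'] ) )
        ? wp_unslash( $_POST['settings'] ) : array();
    $settings = array(
        'enabled'   => ! empty( $raw['enabled'] ),
        'label'     => sanitize_text_field( $raw['label'] ?? '' ),
        'max_items' => max( 0, min( 100, (int) ( $raw['max_items'] ?? 10 ) ) ),
    );

    update_option( 'example_settings', $settings );
    wp_send_json_success( $settings );
}

// --- REST: the same check belongs in permission_callback --------------------
// 'permission_callback' => '__return_true' on a route that modifies or reads
// restricted data is the REST form of a missing capability check. Cookie-
// authenticated REST calls are nonce-checked by core via X-WP-Nonce, so the
// callback only needs the capability decision.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/settings', array(
        'methods'             => WP_REST_Server::EDITABLE,
        'callback'            => 'example_rest_update_settings',
        'permission_callback' => function ( WP_REST_Request $request ) {
            if ( ! is_user_logged_in() ) {
                return new WP_Error( 'rest_not_logged_in', 'Authentication required.', array( 'status' => 401 ) );
            }
            if ( ! current_user_can( 'manage_options' ) ) {
                return new WP_Error( 'rest_forbidden', 'Insufficient capability.', array( 'status' => 403 ) );
            }
            return true;
        },
        'args' => array(
            'max_items' => array(
                'type'              => 'integer',
                'minimum'           => 0,
                'maximum'           => 100,
                'sanitize_callback' => 'absint',
            ),
        ),
    ) );
} );

function example_rest_update_settings( WP_REST_Request $request ) {
    $settings = get_option( 'example_settings', array() );
    $max = $request->get_param( 'max_items' );
    $settings['max_items'] = ( null !== $max ) ? (int) $max : ( $settings['max_items'] ?? 10 );
    update_option( 'example_settings', $settings );
    return rest_ensure_response( $settings );
}
```

When reviewing a plugin for this class of issue, grep for add_action( 'wp_ajax_ and register_rest_route( and confirm each callback (or permission_callback) calls current_user_can() with a capability appropriate to the action; a handler that only checks a nonce, or only is_user_logged_in(), is reachable by any subscriber, and one registered under wp_ajax_nopriv_ or with __return_true is reachable by anyone.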