CVE-2023-2174

creationtimestamp| type| source ---|---|--- 2023-08-31 12:12:49+00:00| seen| https://t.me/cibsecurity/69514...

CVE-2023-2174

The CVE-2023-2174 entry concerns the BadgeOS WordPress plugin. A missing capability check in the function delete_badgeos_log_entries allows authenticated users with subscriber-level permissions and above to modify the plugin’s data by deleting log entries. This affects BadgeOS versions up to and ...

CVE-2023-2174 BadgeOS <= 3.7.1.6 - Missing Authorization in delete_badgeos_log_entries

The BadgeOS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletebadgeoslogentries function in versions up to, and including, 3.7.1.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

CVE-2023-2174 BadgeOS <= 3.7.1.6 - Missing Authorization in delete_badgeos_log_entries

The BadgeOS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletebadgeoslogentries function in versions up to, and including, 3.7.1.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

Amazon Linux 2 : python-ipaddress (ALAS-2023-2174)

The version of python-ipaddress installed on the remote host is prior to 1.0.16-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2174 advisory. A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and...

SUSE SLES15 Security Update : container-suseconnect (SUSE-SU-2023:2174-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2174-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...