4 matches found
CVE-2024-37249
CVE-2024-37249 concerns the WordPress plugin Advanced Custom Fields PRO (vulnerable through 6.3.1; fixed in 6.3.2). The issue is described as a Missing Authorization vulnerability enabling exploitation of misconfigured access controls (Broken Access Control). In the referenced data, the affected ...
WordPress Advanced Custom Fields PRO Plugin < 6.3.2 is vulnerable to Broken Access Control
Software Advanced Custom Fields PRO Type Plugin Vulnerable versions 6.3.2 Fixed in 6.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37249 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f318d317c2ed Credits Rafie Muhammad...
CVE-2023-37249
creationtimestamp| type| source ---|---|--- 2023-08-26 00:14:28+00:00| seen| https://t.me/cibsecurity/69213...
CVE-2023-37249
CVE-2023-37249 affects Infoblox NIOS up to version 8.5.1. A faulty component accepts malicious input without sanitization, resulting in shell access. The NVD entry records a CVSS v3.1 base score of 8.8 (Network, Low effort, Privileges Required: Low, User Interaction: None; Impact: Confidentiality...