CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Vulnrichment•added 2024/05/09 8:3 p.m.•18 views

CVE-2024-3915 Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update

The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sfeditdirectoryitem function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary posts with...

5.3CVSS6.8AI score0.00217EPSS

Exploits0References2

Patchstack•added 2024/05/05 11:29 p.m.•3 views

WordPress Swift Framework plugin <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update vulnerability

Missing Authorization to Unauthenticated Arbitrary Content Update vulnerability discovered by Francesco Carlucci in WordPress Plugin Swift Framework versions = 2.7.31...

5.3CVSS7AI score0.00217EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/04/30 11:59 a.m.•3 views

WordPress ACF Front End Editor plugin <= 2.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Content Update vulnerability discovered by Francesco Carlucci in WordPress Plugin ACF Front End Editor versions = 2.0.2...

4.3CVSS7AI score0.00119EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/04/30 11:54 a.m.•2 views

WordPress ACF On-The-Go plugin <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Content Update vulnerability discovered by Francesco Carlucci in WordPress Plugin ACF On-The-Go versions = 1.0.1...

4.3CVSS7AI score0.00187EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by