Lucene search
K

5 matches found

Circl
Circl
added 2023/06/07 7:35 a.m.7 views

CVE-2020-36696

creationtimestamp| type| source ---|---|--- 2023-06-07 07:35:49+00:00| seen| https://t.me/cibsecurity/65027...

7.5CVSS7.3AI score0.01088EPSS
Exploits1References1
NVD
NVD
added 2023/06/07 2:15 a.m.15 views

CVE-2020-36696

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handledownloads function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable...

7.5CVSS7.4AI score0.01088EPSS
Exploits1References4
OSV
OSV
added 2023/06/07 2:15 a.m.3 views

CVE-2020-36696

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handledownloads function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable...

7.5CVSS5.8AI score0.01088EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.8 views

CVE-2020-36696 Product Input Fields for WooCommerce <= 1.2.6 - Missing Authorization

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handledownloads function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to download files from the vulnerable...

7.5CVSS7.1AI score0.01088EPSS
Exploits1References4
CVE
CVE
added 2023/06/07 1:51 a.m.69 views

CVE-2020-36696

The CVE concerns the Product Input Fields for WooCommerce plugin for WordPress, where an authorization bypass allows unauthenticated users to download files. The root cause identified across multiple sources is a missing capability check on the handle_downloads() function in versions up to and in...

7.5CVSS7.3AI score0.01088EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder