5 matches found
CVE-2021-24189
Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then...
CVE-2021-24189
Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then...
CVE-2021-24189
Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then...
CVE-2021-24189 Captchinoo, Google recaptcha for admin login page < 2.4 - Arbitrary Plugin Installation/Activation via Low Privilege User
Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then...
CVE-2021-24189
CVE-2021-24189 affects the Captchinoo, Google recaptcha for admin login page WordPress plugin (pre-2.4). Low-privilege users can exploit the AJAX action cp_plugins_do_button_job_later_callback to install any plugin (including a specific version) from the WordPress repository and activate arbitrar...