Lucene search
K

4 matches found

Circl
Circl
added 2022/12/15 12:22 a.m.7 views

CVE-2022-4501

creationtimestamp| type| source ---|---|--- 2022-12-15 00:22:56+00:00| seen| https://t.me/cibsecurity/54562...

7.1CVSS6.3AI score0.00692EPSS
Exploits0References1
NVD
NVD
added 2022/12/14 9:15 p.m.24 views

CVE-2022-4501

The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vcsavingdata function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin'...

7.1CVSS0.00692EPSS
Exploits0References3
CVE
CVE
added 2022/12/14 8:38 p.m.52 views

CVE-2022-4501

The CVE-2022-4501 entry concerns the Mega Addons plugin for WordPress, where an authorization bypass exists due to a missing capability check in the vc_saving_data function up to version 4.2.7. This allows authenticated users with subscriber-level permissions and above to update plugin settings. ...

7.1CVSS6.6AI score0.00692EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/14 8:38 p.m.12 views

CVE-2022-4501 Mega Addons For WPBakery Page Builder <= 4.3.0 - Authenticated (Subscriber+) Settings Update

The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vcsavingdata function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin'...

7.1CVSS6.6AI score0.00692EPSS
Exploits0References2
Rows per page
Query Builder