4 matches found
CVE-2022-4501
creationtimestamp| type| source ---|---|--- 2022-12-15 00:22:56+00:00| seen| https://t.me/cibsecurity/54562...
CVE-2022-4501
The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vcsavingdata function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin'...
CVE-2022-4501
The CVE-2022-4501 entry concerns the Mega Addons plugin for WordPress, where an authorization bypass exists due to a missing capability check in the vc_saving_data function up to version 4.2.7. This allows authenticated users with subscriber-level permissions and above to update plugin settings. ...
CVE-2022-4501 Mega Addons For WPBakery Page Builder <= 4.3.0 - Authenticated (Subscriber+) Settings Update
The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vcsavingdata function in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin'...