Lucene search
K

14 matches found

Circl
Circl
added 2023/07/28 12:29 p.m.10 views

CVE-2023-0958

creationtimestamp| type| source ---|---|--- 2023-07-28 12:29:34+00:00| seen| https://t.me/cibsecurity/67370...

6.5CVSS7.1AI score0.00557EPSS
Exploits0References1
CVE
CVE
added 2023/07/28 4:37 a.m.66 views

CVE-2023-0958

CVE-2023-0958 affects WordPress plugins developed by Inisev that expose an inisev_installation AJAX action. The root cause is a missing capability check in the handle_installation function, enabling an authenticated attacker with minimal privileges (e.g., a subscriber) to install select Inisev pl...

6.5CVSS6.4AI score0.00557EPSS
Exploits0References23Affected Software11
Cvelist
Cvelist
added 2023/07/28 4:37 a.m.44 views

CVE-2023-0958 Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function

Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handleinstallation function that is called via the inisevinstallation AJAX aciton in various versions. This makes it possible for authenticated attackers with...

4.3CVSS6.4AI score0.00557EPSS
Exploits0References23
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.10 views

WordPress Clone Plugin <= 2.3.7 is vulnerable to Broken Access Control

Software Clone Type Plugin Vulnerable versions = 2.3.7 Fixed in 2.3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 17cafe8314cd Credits WordFence Required privilege Subscriber...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.11 views

WordPress Social Media & Share Icons Plugin <= 2.8.1 is vulnerable to Broken Access Control

Software Social Media & Share Icons Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 09b1cc5d23e4 Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.7 views

WordPress Duplicate Post Plugin <= 1.3.9 is vulnerable to Broken Access Control

Software Duplicate Post Type Plugin Vulnerable versions = 1.3.9 Fixed in 1.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c8c2c9580bd9 Credits WordFence Required privilege...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.9 views

WordPress SSL Mixed Content Fix Plugin <= 3.2.3 is vulnerable to Broken Access Control

Software SSL Mixed Content Fix Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f6d89bad3ca9 Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.21 views

WordPress Social Share Icons & Social Share Buttons Plugin <= 3.5.7 is vulnerable to Broken Access Control

Software Social Share Icons & Social Share Buttons Type Plugin Vulnerable versions = 3.5.7 Fixed in 3.5.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 70d3b475ed6b Credits...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.9 views

WordPress Redirect Redirection Plugin <= 1.1.3 is vulnerable to Broken Access Control

Software Redirect Redirection Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 805c41b36a96 Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.15 views

WordPress RSS Redirect & Feedburner Alternative Plugin <= 3.7 is vulnerable to Broken Access Control

Software RSS Redirect & Feedburner Alternative Type Plugin Vulnerable versions = 3.7 Fixed in 3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6e5bdc6d7d15 Credits WordFence...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.10 views

WordPress Pop-up Plugin <= 1.1.9 is vulnerable to Broken Access Control

Software Pop-up Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6c527b0974ca Credits WordFence Required privilege Subscriber...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.10 views

WordPress Backup Migration Plugin <= 1.2.7 is vulnerable to Broken Access Control

Software Backup Migration Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c3aab82cdff1 Credits WordFence Required privilege...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.11 views

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65c113fe970b Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2023/07/28 12:0 a.m.10 views

WordPress Enhanced Text Widget Plugin <= 1.5.7 is vulnerable to Broken Access Control

Software Enhanced Text Widget Type Plugin Vulnerable versions = 1.5.7 Fixed in 1.5.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2f1a0df14a11 Credits WordFence Required...

6.5CVSS6.2AI score0.00557EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder