WordPress Enjoy Social Feed plugin for WordPress website Plugin <= 6.2.2 is vulnerable to Broken Access Control

Software Enjoy Social Feed plugin for WordPress website Type Plugin Vulnerable versions = 6.2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0780 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 0adff21e032c...

CVE-2024-0780

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action...

CVE-2024-0780

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action...

CVE-2024-0780 Enjoy Social Feed <= 6.2.2 - Subscriber+ Plugin Database Reset

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action...

CVE-2024-0780

The CVE-2024-0780 affects the WordPress plugin Enjoy Social Feed (versions up to 6.2.2). The underlying issue is Broken Access Control: the database reset function lacks authorization, allowing any authenticated user (e.g., Subscribers) to reset the plugin’s database. Reported CVSS v3.1 base metr...