Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:55 a.m.7 views

CVE-2024-10078

The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. This makes it possible for authenticated attackers, with subscriber-level access an...

7.3CVSS6.5AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2024/10/18 8:15 a.m.3 views

CVE-2024-10078

The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. This makes it possible for authenticated attackers, with subscriber-level access an...

5.4CVSS5.8AI score0.004EPSS
Exploits0References25
Vulnrichment
Vulnrichment
added 2024/10/18 7:35 a.m.12 views

CVE-2024-10078 WP Easy Post Types <= 1.4.4 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions

The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. This makes it possible for authenticated attackers, with subscriber-level access an...

6.3CVSS6.8AI score0.004EPSS
Exploits0References25
Patchstack
Patchstack
added 2024/10/17 12:0 a.m.17 views

WordPress Easy Post Types Plugin <= 1.4.4 is vulnerable to Broken Access Control

Software Easy Post Types Type Plugin Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10078 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5b9726265fc7 Credits István Márton Required...

7.3CVSS6.5AI score0.004EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder