Lucene search
K

5 matches found

OSV
OSV
added 2024/07/24 4:15 a.m.4 views

CVE-2024-5861

The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...

6.5CVSS5.8AI score0.00398EPSS
Exploits0References4
NVD
NVD
added 2024/07/24 4:15 a.m.24 views

CVE-2024-5861

The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...

6.5CVSS0.00398EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/24 3:17 a.m.28 views

CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection

The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...

5.3CVSS0.00398EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/24 3:17 a.m.14 views

CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection

The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...

5.3CVSS6.7AI score0.00398EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.10 views

WordPress WP EasyPay Plugin <= 4.2.3 is vulnerable to Broken Access Control

Software WP EasyPay Type Plugin Vulnerable versions = 4.2.3 Fixed in 4.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5861 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 60a90782a604 Credits Lucio Sá Required privilege...

6.5CVSS6.6AI score0.00398EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder