5 matches found
CVE-2024-5861
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...
CVE-2024-5861
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...
CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...
CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpepsquaredisconnect function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect squar...
WordPress WP EasyPay Plugin <= 4.2.3 is vulnerable to Broken Access Control
Software WP EasyPay Type Plugin Vulnerable versions = 4.2.3 Fixed in 4.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5861 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 60a90782a604 Credits Lucio Sá Required privilege...