5 matches found
CVE-2024-6698
creationtimestamp| type| source ---|---|--- 2024-08-01 07:03:43+00:00| seen| https://t.me/cvedetector/2208...
CVE-2024-6698
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the updateusermeta function. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-6698 FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the updateusermeta function. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-6698 FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the updateusermeta function. This makes it possible for authenticated attackers, with subscriber-level...
WordPress WP Fundraising Donation and Crowdfunding Platform Plugin <= 1.7.0 is vulnerable to Privilege Escalation
Software WP Fundraising Donation and Crowdfunding Platform Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-6698 Patch priority High CVSS severity High 8.8 Developer Claim ownership...