4 matches found
CVE-2024-8121
creationtimestamp| type| source ---|---|--- 2024-09-04 10:13:13+00:00| seen| https://t.me/cvedetector/4772...
CVE-2024-8121 The Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Missing Authorization to Admin Username Change
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpextchangeadminname function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, wi...
CVE-2024-8121 The Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Missing Authorization to Admin Username Change
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpextchangeadminname function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, wi...
WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.8 is vulnerable to Broken Access Control
Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8121 Patch priority Low CVSS severity Low 5.4 Developer WP Extended PSID 13565964e4a5 Credits Marco...