3 matches found
CVE-2024-9305
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.4. This is due to the apppresetpassword and validateresetpassword functions not having enough controls to prevent a successful brute forc...
CVE-2024-9305
creationtimestamp| type| source ---|---|--- 2024-10-16 05:29:12+00:00| seen| https://t.me/cvedetector/7990...
WordPress AppPresser Plugin <= 4.4.4 is vulnerable to Privilege Escalation
Software AppPresser Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2024-9305 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2966965459f6 Credits wesley wcraft Required privilege...