Lucene search
K

4 matches found

NVD
NVD
added 2025/03/05 10:15 a.m.4 views

CVE-2024-13810

The Zass - WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'zassimportzass' AJAX actions in all versions up to, and including, 3.9.9.10. This makes it possible for authenticated attackers, with...

4.3CVSS0.00221EPSS
Exploits0References2
Circl
Circl
added 2025/03/05 9:35 a.m.4 views

CVE-2024-13810

creationtimestamp| type| source ---|---|--- 2025-03-05 09:35:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6518 2025-03-05 12:45:54+00:00| seen| https://t.me/cvedetector/19614...

4.3CVSS8.7AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 2025/03/05 9:21 a.m.41 views

CVE-2024-13810

CVE-2024-13810 affects Zass - WooCommerce Theme for WordPress (Zass theme) up to version 3.9.9.10. Networks: missing capability check on the zass_import_zass AJAX actions allows authenticated attackers with Subscriber-level access or higher to import demo content and overwrite the site. Connected...

4.3CVSS6.7AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/05 9:21 a.m.11 views

CVE-2024-13810 Zass - WooCommerce Theme for Handmade Artists and Artisans <= 3.9.9.10 - Missing Authorization to Authenticated (Subscriber+) Demo Import

The Zass - WooCommerce Theme for Handmade Artists and Artisans theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'zassimportzass' AJAX actions in all versions up to, and including, 3.9.9.10. This makes it possible for authenticated attackers, with...

4.3CVSS0.00221EPSS
Exploits0References2
Rows per page
Query Builder