3 matches found
CVE-2024-31274
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11...
CVE-2024-31274
CVE-2024-31274: WPDeveloper EmbedPress for WordPress is affected by a Missing Authorization (Broken Access Control) vulnerability in EmbedPress versions up to 3.9.11. Public sources (NVD, Red Hat) rate the CVSS v3.1 base score at 5.3 (Medium), with impact limited to integrity. Public exploitation...
WordPress EmbedPress Plugin <= 3.9.11 is vulnerable to Broken Access Control
Software EmbedPress Type Plugin Vulnerable versions = 3.9.11 Fixed in 3.9.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31274 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 21ea0fca8d5f Credits Mika Required privilege...