3 matches found
CVE-2024-37470
Missing Authorization vulnerability in WofficeIO Woffice Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Woffice Core: from n/a through 5.4.8...
CVE-2024-37470 WordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerability
Missing Authorization vulnerability in WofficeIO Woffice Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Woffice Core: from n/a through 5.4.8...
WordPress Woffice Core Plugin <= 5.4.8 is vulnerable to Broken Access Control
Software Woffice Core Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37470 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID d7dfbe1583d4 Credits Rafie Muhammad Patchstack...