4 matches found
CVE-2024-9629
creationtimestamp| type| source ---|---|--- 2024-10-28 20:20:55+00:00| seen| https://t.me/cvedetector/9153...
CVE-2024-9629 Contact Form 7 + Telegram <= 0.8.5 - Missing Authorization to Authenticated (Subscriber+) Subscription Approve/Pause/Refuse
The Contact Form 7 + Telegram plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'wpcf7Telegram::ajax' function in versions up to, and including, 0.8.5. This makes it possible for authenticated attackers, with...
CVE-2024-9629 Contact Form 7 + Telegram <= 0.8.5 - Missing Authorization to Authenticated (Subscriber+) Subscription Approve/Pause/Refuse
The Contact Form 7 + Telegram plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'wpcf7Telegram::ajax' function in versions up to, and including, 0.8.5. This makes it possible for authenticated attackers, with...
WordPress Contact Form 7 Telegram Plugin <= 0.8.5 is vulnerable to Broken Access Control
Software Contact Form 7 Telegram Type Plugin Vulnerable versions = 0.8.5 Fixed in 0.8.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9629 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bc9031e15885 Credits István Márton Required...