Lucene search
K

121 matches found

Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.11 views

PT-2024-18412 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the categorifyAjaxAddCategory function. This allows...

4.3CVSS9.2AI score0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.5 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.5 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00204EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.5 views

PT-2024-18201 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue is related to a missing capability check on the categorifyAjaxUpdateFolderPosition function, allowing authenticated attackers with subscriber-level...

4.3CVSS9.2AI score0.0034EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxAddCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxAddCategory function. This makes it possible for unauthenticated attackers to add...

4.3CVSS6.4AI score0.00204EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxDeleteCategory function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxClearCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxClearCategory function. This makes it possible for unauthenticated attackers to clea...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxClearCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxRenameCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxRenameCategory function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxUpdateFolderPosition

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.5AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.10 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxDeleteCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.23 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxUpdateFolderPosition function. This makes it possible for unauthenticated attackers ...

4.3CVSS6.7AI score0.00202EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Categorify Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Categorify Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ce4f365e15c Credits Rafie Muhammad Patchstack Required...

6.4AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.14 views

WordPress Categorify – WordPress Media Library Category & File Manager plugin <= 1.0.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Categorify – WordPress Media Library Category & File Manager plugin versions = 1.0.4. Solution Update the WordPress Categorify – WordPress Media Library Category & File Manager plugin to the latest available version at least...

4.5AI score
Exploits0References2Affected Software1
Rows per page
Query Builder