Lucene search
K

11 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.5 views

WordPress Accessiy By CodeConfig Accessibility plugin <= 1.0.2 - Authenticated (Subscriber+) Missing Authorization to Modify Accessibility Settings vulnerability

Authenticated Subscriber+ Missing Authorization to Modify Accessibility Settings vulnerability discovered by Peerapat Samatathanyakorn - Thai Team CVE in WordPress Plugin CodeConfig Accessibility versions = 1.0.2...

4.3CVSS5.9AI score0.00218EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.11 views

CVE-2025-13358

The Accessiy By CodeConfig Accessibility plugin for WordPress is vulnerable to unauthorized page creation due to missing authorization checks in versions up to, and including, 1.0.0. This is due to the plugin not performing capability checks in the Settings::createPage function. This makes it...

5.3CVSS5.5AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/06 6:30 a.m.3 views

EUVD-2025-201515

The Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References5
NVD
NVD
added 2025/12/06 6:15 a.m.5 views

CVE-2025-13358

The Accessiy By CodeConfig Accessibility plugin for WordPress is vulnerable to unauthorized page creation due to missing authorization checks in versions up to, and including, 1.0.0. This is due to the plugin not performing capability checks in the Settings::createPage function. This makes it...

5.3CVSS0.0024EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/06 5:49 a.m.4 views

CVE-2025-13358 Accessiy By CodeConfig Accessibility <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation

The Accessiy By CodeConfig Accessibility plugin for WordPress is vulnerable to unauthorized page creation due to missing authorization checks in versions up to, and including, 1.0.0. This is due to the plugin not performing capability checks in the Settings::createPage function. This makes it...

5.3CVSS5.2AI score0.0024EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/06 5:49 a.m.20 views

CVE-2025-13358 Accessiy By CodeConfig Accessibility <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation

The Accessiy By CodeConfig Accessibility plugin for WordPress is vulnerable to unauthorized page creation due to missing authorization checks in versions up to, and including, 1.0.0. This is due to the plugin not performing capability checks in the Settings::createPage function. This makes it...

5.3CVSS0.0024EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/06 5:49 a.m.2 views

CVE-2025-13309 Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters <= 1.0.2 - Authenticated (Subscriber+) Missing Authorization to Modify Accessibility Settings

The Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.2. This is due to the plugin not properly verifying that a user is authorized to perform an action...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References4
CVE
CVE
added 2025/12/06 5:49 a.m.7 views

CVE-2025-13309

CVE-2025-13309 documents confirm a WordPress plugin, Accessiy by CodeConfig Accessibility, is vulnerable to an authorization bypass. Affected versions up to and including 1.0.0 allow authenticated users with subscriber-level access and above to modify the plugin’s global accessibility settings du...

4.3CVSS5.9AI score0.00218EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/12/06 1:33 a.m.10 views

WordPress Accessiy By CodeConfig Accessibility plugin <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Page Creation vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin CodeConfig Accessibility versions = 1.0.0...

5.3CVSS6.5AI score0.0024EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/06 12:0 a.m.3 views

WordPress plugin Accessiy By CodeConfig Accessibility 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin i...

4.3CVSS6.2AI score0.00218EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/06 12:0 a.m.4 views

WordPress plugin Accessiy By CodeConfig Accessibility 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin i...

5.3CVSS6.1AI score0.0024EPSS
Exploits0References6
Rows per page
Query Builder