Lucene search
K

31 matches found

GithubExploit
GithubExploit
added 2023/08/03 9:39 a.m.577 views

Exploit for Missing Authorization in Content_Mask_Project Content_Mask

CVE-2022-1203 Content Mask 1.8.4 - Subscriber+ Arbitrary...

4.3CVSS4.6AI score0.01052EPSS
Exploits3
CNVD
CNVD
added 2022/06/01 12:0 a.m.13 views

WordPress Content Mask plugin has an unspecified vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A security vulnerability exists in versions of WordPress Content Mask plugin prior to 1.8.4.1. The vulnerability...

4.3CVSS2.3AI score0.01052EPSS
Exploits3References1
NVD
NVD
added 2022/05/30 9:15 a.m.25 views

CVE-2022-1203

The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog optio...

4.3CVSS0.01052EPSS
Exploits3References1
OSV
OSV
added 2022/05/30 9:15 a.m.4 views

CVE-2022-1203

The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog optio...

4.3CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/30 9:15 a.m.4 views

CVE-2022-1203

The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog optio...

4.3CVSS5.6AI score0.01052EPSS
Exploits3References3
CNNVD
CNNVD
added 2022/05/30 12:0 a.m.6 views

WordPress plugin Content Mask 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A security vulnerability exists in versions of WordPress Content Mask plugin prior to 1.8.4.1. The vulnerability...

4.3CVSS5.8AI score0.01052EPSS
Exploits3References3
Cvelist
Cvelist
added 2022/05/30 12:0 a.m.24 views

CVE-2022-1203 Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog optio...

4.9AI score0.01052EPSS
Exploits3References1
CVE
CVE
added 2022/05/30 12:0 a.m.87 views

CVE-2022-1203

The CVE-2022-1203 issue affects the Content Mask WordPress plugin, prior to version 1.8.4.1. The root cause is missing authorization and CSRF checks in various AJAX actions, plus failure to validate the updated option belongs to the plugin, enabling any authenticated user (e.g., subscriber) to mo...

4.3CVSS4.5AI score0.01052EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/03 12:0 a.m.21 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options PoC POST /wp-admin/admin-ajax.php...

4.3CVSS1.4AI score0.01052EPSS
Exploits3Affected Software1
wpexploit
wpexploit
added 2022/05/03 12:0 a.m.103 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options POST /wp-admin/admin-ajax.php...

4.3CVSS0.6AI score0.01052EPSS
Exploits3
Patchstack
Patchstack
added 2022/05/03 12:0 a.m.26 views

WordPress Content Mask plugin <= 1.8.4 - Arbitrary Options Update vulnerability

Arbitrary Options Update vulnerability discovered by ptsfence in WordPress Content Mask plugin versions = 1.8.4. Solution Update the WordPress Content Mask plugin to the latest available version at least 1.8.4.1...

4.3CVSS3.2AI score0.01052EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder