Lucene search
K

79 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.6 views

CVE-2023-0557

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

7.5CVSS4.9AI score0.00906EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.7 views

CVE-2023-0556

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

9.8CVSS4.9AI score0.00952EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:26 p.m.5 views

CVE-2025-47692

Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through = 1.3.5...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.15 views

CVE-2025-47692

Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through = 1.3.5...

4.3CVSS0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.6 views

CVE-2025-47692 WordPress ContentStudio <= 1.3.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in contentstudio ContentStudio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ContentStudio: from n/a through 1.3.3...

4.3CVSS4.6AI score0.00198EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.51 views

CVE-2025-47692

CVE-2025-47692 corresponds to a Missing Authorization issue in the WordPress ContentStudio plugin, affecting ContentStudio versions up to 1.3.3 (and related data for earlier 1.3.x branches). The vulnerability arises from incorrectly configured access control, enabling unauthorized actions within ...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.19 views

CVE-2025-47692 WordPress ContentStudio plugin <= 1.3.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through = 1.3.5...

4.3CVSS0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.3 views

WordPress plugin ContentStudio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6AI score0.00198EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.2 views

PT-2025-20231 · Unknown · Contentstudio

Name of the Vulnerable Software and Affected Versions: ContentStudio versions 1.3.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For ContentStudio...

4.3CVSS5.3AI score0.00198EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/01/30 12:0 a.m.14 views

WordPress ContentStudio Plugin < 1.2.6 is vulnerable to Other Vulnerability Type

Software ContentStudio Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A1: Injection Classification Other Vulnerability Type CVE CVE-2023-0556 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 3749f412d25d Credits Marco Wotschka Required privilege...

9.8CVSS6.8AI score0.00952EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/01/30 12:0 a.m.20 views

WordPress ContentStudio Plugin < 1.2.6 is vulnerable to Sensitive Data Exposure

Software ContentStudio Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0557 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID fbef17e08b06 Credits Chloe Chamberland Requir...

7.5CVSS6.5AI score0.00906EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/01/30 12:0 a.m.11 views

WordPress ContentStudio Plugin < 1.2.6 is vulnerable to Bypass Vulnerability

Software ContentStudio Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A5: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-0558 Patch priority Low CVSS severity Low 7.3 Developer Claim ownership PSID 9617386e7fb6 Credits Chloe Chamberland Required privileg...

9.8CVSS6.6AI score0.00877EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/01/27 10:15 p.m.4 views

CVE-2023-0558

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper...

9.8CVSS7.3AI score0.00877EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/01/27 10:15 p.m.2 views

CVE-2023-0557

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

7.5CVSS6.1AI score0.00906EPSS
Exploits1References4
NVD
NVD
added 2023/01/27 10:15 p.m.24 views

CVE-2023-0558

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper...

9.8CVSS9AI score0.00877EPSS
Exploits1References2
OSV
OSV
added 2023/01/27 10:15 p.m.2 views

CVE-2023-0558

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper...

9.8CVSS5.8AI score0.00877EPSS
Exploits1References2
OSV
OSV
added 2023/01/27 10:15 p.m.4 views

CVE-2023-0557

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

5.3CVSS6AI score0.00906EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/01/27 10:15 p.m.5 views

CVE-2023-0556

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

9.8CVSS6.6AI score0.00952EPSS
Exploits1References4
NVD
NVD
added 2023/01/27 10:15 p.m.21 views

CVE-2023-0556

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

9.8CVSS9.4AI score0.00952EPSS
Exploits1References4
Prion
Prion
added 2023/01/27 10:15 p.m.15 views

Design/Logic Flaw

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

5CVSS5.2AI score0.00906EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder