EUVD-2023-50818

Malicious code in bioql PyPI...

CVE-2023-46616

Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15...

CVE-2023-2764

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

CVE-2023-46616

Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15...

CVE-2023-46616 WordPress Draw Attention plugin <= 2.0.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15...

CVE-2023-46616 WordPress Draw Attention plugin <= 2.0.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15...

WordPress plugin Draw Attention 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

Draw Attention < 2.0.16 - Improper Access Control via register_cpt

Description The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due improper capability mapping on the registercpt function in versions up to, and including, 2.0.15. This makes it possible for authenticated attackers, with contributor-level access and above,...

WordPress Draw Attention Plugin <= 2.0.15 is vulnerable to Broken Access Control

Software Draw Attention Type Plugin Vulnerable versions = 2.0.15 Fixed in 2.0.16 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-46616 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 13d4f142d807 Credits thiennv Required privilege...

CVE-2023-2764

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

CVE-2023-2764

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

CVE-2023-2764

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

Design/Logic Flaw

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

CVE-2023-2764

The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsetfeaturedimage function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and...

CVE-2023-2764

The Draw Attention plugin for WordPress (CVE-2023-2764) is affected (versions up to 2.0.11). A missing capability check in ajax_set_featured_image enables authenticated users with subscriber-level permissions and above to alter the featured image of arbitrary posts using images from the media lib...

PT-2023-21275 · WordPress · Draw Attention

Name of the Vulnerable Software and Affected Versions: Draw Attention plugin for WordPress versions up to, and including, 2.0.11 Description: The issue allows authenticated attackers with subscriber-level permissions and above to modify data by changing the featured image of arbitrary posts using...

WordPress Plugin Draw Attention 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Draw Attention Plugin <= 2.0.11 is vulnerable to Broken Access Control

Software Draw Attention Type Plugin Vulnerable versions = 2.0.11 Fixed in 2.0.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2764 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 38c9e02b7556 Credits Alex Thomas Required...