77 matches found
WordPress plugin IdeaPush 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-37461
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65...
WordPress IdeaPush plugin <= 8.71 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin IdeaPush versions = 8.71...
CVE-2023-48774
Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a...
CVE-2023-48774
Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a...
CVE-2023-48774 WordPress IdeaPush plugin < 8.58 - Broken Access Control vulnerability
Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a...
PT-2024-13647 · Ideapush · Ideapush
Name of the Vulnerable Software and Affected Versions: IdeaPush affected versions not specified Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: At the moment, there...
WordPress plugin IdeaPush 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-11844
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2024-11844
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2024-11844 IdeaPush <= 8.71 - Missing Authorization to Board Term Deletion
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2024-11844
The CVE-2024-11844 entry concerns the IdeaPush WordPress plugin (versions up to and including 8.71). Root cause: missing capability check in the idea_push_taxonomy_save_routine allows authenticated users with Subscriber-level access or higher to delete terms in the boards taxonomy, effectively en...
CVE-2024-11844 IdeaPush <= 8.71 - Missing Authorization to Board Term Deletion
The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ideapushtaxonomysaveroutine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above...
WordPress plugin IdeaPush 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-17291 · WordPress · Ideapush
Name of the Vulnerable Software and Affected Versions: IdeaPush plugin for WordPress versions up to, and including, 8.71 Description: The issue concerns a lack of capability check in the idea push taxonomy save routine function, allowing authenticated attackers with Subscriber-level access and...
CVE-2024-49275
Cross-Site Request Forgery CSRF vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69...
CVE-2024-49275
Cross-Site Request Forgery CSRF vulnerability in Northern Beaches Websites IdeaPush ideapush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through = 8.69...
CVE-2024-49275 WordPress IdeaPush plugin <= 8.69 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69...
CVE-2024-49275
The CVE-2024-49275 entry concerns a Cross-Site Request Forgery (CSRF) in the WordPress plugin IdeaPush by Martin Gibson, affecting versions n/a through 8.69. Patchstack documents that the vulnerability is fixed in 8.71, indicating a software fix was released to address unauthorized actions perfor...
CVE-2024-49275 WordPress IdeaPush plugin <= 8.69 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Northern Beaches Websites IdeaPush ideapush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through = 8.69...