EUVD-2024-50039

Malicious code in bioql PyPI...

EUVD-2024-50038

Malicious code in bioql PyPI...

CVE-2024-9586

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

CVE-2024-9587

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxlinkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plug...

CVE-2024-9587

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxlinkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plug...

CVE-2024-9586

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

CVE-2024-9586

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

CVE-2024-9587

CVE-2024-9587 (Linkz.ai WordPress plugin) affects the Linkz.ai plugin for WordPress, with vulnerable releases up to version 1.1.8. The root cause is a missing capability check in the ajax_linkz function, enabling authenticated attackers with contributor-level privileges or higher to modify plugin...

CVE-2024-9586

The CVE-2024-9586 entry concerns the Linkz.ai WordPress plugin (versions up to 1.1.8). The vulnerability arises from missing capability checks in the check_auth and check_logout functions, enabling unauthenticated attackers to modify plugin settings (unauthorized data modification). Connected sou...

CVE-2024-9587 Linkz.ai <= 1.1.8 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via AJAX

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxlinkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plug...

CVE-2024-9587 Linkz.ai <= 1.1.8 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via AJAX

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxlinkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plug...

CVE-2024-9586 Linkz.ai <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings Update

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

CVE-2024-9586 Linkz.ai <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings Update

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

WordPress plugin Linkz.ai 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Linkz.ai 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Linkz.ai plugin <= 1.1.8 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Settings Update vulnerability discovered by István Márton in WordPress Plugin Linkz.ai versions = 1.1.8...

WordPress Linkz.ai plugin <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings Update vulnerability

Missing Authorization to Unauthenticated Plugin Settings Update vulnerability discovered by István Márton in WordPress Plugin Linkz.ai versions = 1.1.8...

WordPress Linkz.ai Plugin <= 1.1.8 is vulnerable to Broken Access Control

Software Linkz.ai Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9587 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 00b01a60baf6 Credits István Márton Required privilege...

WordPress Linkz.ai Plugin <= 1.1.8 is vulnerable to Broken Access Control

Software Linkz.ai Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9586 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d8f2af1c96f3 Credits István Márton Required privilege...