7 matches found
CVE-2025-13496
The Moosend Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the moosendlandingsauthget function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with Subscriber-level access...
CVE-2025-13496
CVE-2025-13496 (Moosend Landing Pages, WordPress) The WordPress plugin Moosend Landing Pages (up to v1.1.6) contains a missing capability check in moosend_landings_auth_get, allowing authenticated users with Subscriber level access or higher to delete the moosend_landing_api_key option. The issue...
CVE-2025-13496 Moosend Landing Pages <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Option Deletion
The Moosend Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the moosendlandingsauthget function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with Subscriber-level access...
CVE-2025-13496 Moosend Landing Pages <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Option Deletion
The Moosend Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the moosendlandingsauthget function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with Subscriber-level access...
WordPress plugin Moosend Landing Pages 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2026-1589
Name of the Vulnerable Software and Affected Versions Moosend Landing Pages plugin for WordPress versions through 1.1.6 Description The Moosend Landing Pages plugin for WordPress has a flaw that allows unauthorized modification of data. This is due to a missing capability check within the moosend...
WordPress Moosend Landing Pages plugin <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Option Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Option Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Moosend Landing Pages versions = 1.1.6...