124 matches found
WordPress Minterpress plugin <= 1.0.5 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Minterpress versions = 1.0.5...
WordPress Quietly Insights plugin <= 1.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Quietly Insights versions = 1.2.2...
WordPress Eyewear prescription form plugin <= 4.0.18 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Eyewear prescription form versions = 4.0.18...
PT-2024-16909 · WordPress · Ai Quiz | Quiz Maker
Name of the Vulnerable Software and Affected Versions: AI Quiz | Quiz Maker plugin for WordPress versions up to, and including, 1.1 Description: The issue allows unauthorized modification of data, leading to privilege escalation due to a missing capability check on the ai quiz update style...
WordPress Booking & Appointment Plugin for WooCommerce plugin <= 6.9.0 - Authenticated (Subscriber+) Arbitrary Option Update vulnerability
Authenticated Subscriber+ Arbitrary Option Update vulnerability discovered by István Márton in WordPress Plugin Booking & Appointment Plugin for WooCommerce versions = 6.9.0...
CVE-2024-52382 WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in medmatech Matix Popup Builder medma-matix allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through = 1.0.0...
WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Matix Popup Builder versions = 1.0.0...
CVE-2024-50476 WordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular spendino allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through = 1.0.1...
CVE-2024-50490 WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through = 1.0.2...
CVE-2024-50490 WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through = 1.0.2...
WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin PegaPoll versions = 1.0.2...
WordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin GRÜN spendino Spendenformular versions = 1.0.1...
WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Signup Page versions = 1.0...
CVE-2021-4445 Premium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update
The Premium Addons for Elementor plugin for WordPress is vulnerable to Arbitrary Option Updates in versions up to, and including, 4.5.1. This is due to missing capability and nonce checks in the padismissadminnotice AJAX action. This makes it possible for authenticated subscriber+ attackers to...
CVE-2023-3204
The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companiondisablepopup function called via an AJAX action. This makes it possible for authenticated attackers, with...
CVE-2024-33564 WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability
Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8...
CVE-2024-33564 WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability
Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8...
WordPress Plugin ConvertPlug 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin EAN for WooCommerce versions = 4.8.9...
WordPress Instant Images plugin <= 6.1.0 - Arbitrary Option Update to Privilege Escalation vulnerability
Arbitrary Option Update to Privilege Escalation vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Instant Images versions = 6.1.0...