54 matches found
CVE-2015-9474
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates...
CVE-2015-9476
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates...
CVE-2015-9475
The Pont theme 1.5 for WordPress has insufficient restrictions on option updates...
CVE-2015-9477
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates...
Input validation
The Pont theme 1.5 for WordPress has insufficient restrictions on option updates...
Input validation
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates...
Input validation
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates...
Input validation
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates...
CVE-2015-9477
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates...
CVE-2015-9476
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates...
CVE-2015-9476
CVE-2015-9476 involves WordPress Teardrop theme (v1.8.1) with insufficient restrictions on option updates. The vulnerability allows privilege escalation by any authenticated user who can trigger option changes (e.g., altering default_role, registration state), enabling command/code execution on t...
CVE-2015-9475
The Pont theme 1.5 for WordPress has insufficient restrictions on option updates...
CVE-2015-9474
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates...
CVE-2015-9474
The CVE-2015-9474 issue affects the WordPress Simpolio theme (version 1.3.2), where insufficient restrictions on option updates enable privilege escalation. The public sets show that an attacker with any authenticated user can trigger the vulnerability by manipulating theme options (e.g., default...