PT-2025-1892 · WordPress · Linkid Plugin

Name of the Vulnerable Software and Affected Versions: linkID plugin for WordPress versions up to, and including, 0.1.2 Description: The issue arises from a missing capability check when including the 'phpinfo' function, allowing unauthorized access to data. This enables unauthenticated attackers...

CVE-2024-12266

The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elexdpexportrules and elexdpimportrules functions in all versions up to, and including, 2.1.7. This makes it possible for unauthenticated...

CVE-2024-12266 ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.7 - Missing Authorization

The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elexdpexportrules and elexdpimportrules functions in all versions up to, and including, 2.1.7. This makes it possible for unauthenticated...

CVE-2024-12266

CVE-2024-12266 affects the ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress. The Red Hat advisory confirms a missing capability check in the functions elex_dp_export_rules() and elex_dp_import_rules() across all versions up to and including 2.1.7, enabling unauthenticated attac...

PT-2024-17519 · WordPress · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress versions up to, and including, 2.1.7 Description: The issue arises from a missing capability check on the elex dp export rules and elex dp import rules functions, allowing...