53 matches found
WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access
The plugin does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones. Open the below URL as an...
Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access
The plugin does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted request. PoC The nonce can be...
CVE-2022-40206 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...
CVE-2021-24733 WP Post Page Clone < 1.2 - Unauthorised Post Access
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...
Responsive Image Slider, Photo Gallery And Carousel < 1.3.6 - Subscriber+ Arbitrary Post Access
The plugin does not have proper authorisation check in the sfimageid AJAX action, which could allow any authenticated, such as subscriber, to view the content and title of arbitrary posts, for example private, draft and password protected ones. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: /...
WordPress WP Mega Menu plugin <= 1.4.0 - Arbitrary Post Access vulnerability
Arbitrary Post Access vulnerability discovered by WPScanTeam in WordPress WP Mega Menu plugin versions = 1.4.0. Solution Update the WordPress WP Mega Menu plugin to the latest available version at least 1.4.1...
WP Mega Menu < 1.4.1 - Subscriber+ Arbitrary Post Access
The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked as AJAX actions and available to any authenticated users. As a result, low privilege authenticated users such as subscribers can call them and access...
WP Mega Menu < 1.4.0 - Unauthenticated Arbitrary Post Access
The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked to admininit. As a result, unauthenticated users can call them and access arbitrary post data, including password protected or private ones. Access an...
WP Mega Menu < 1.4.1 - Subscriber+ Arbitrary Post Access
The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked as AJAX actions and available to any authenticated users. As a result, low privilege authenticated users such as subscribers can call them and access...
PT-2019-18095 · Soyal · Soyal Ar-829Ev5 +1
Name of the Vulnerable Software and Affected Versions: SOYAL AR-727H affected versions not specified SOYAL AR-829Ev5 affected versions not specified Description: The issue allows unauthenticated POST access to all CGI programs. Recommendations: For SOYAL AR-727H, at the moment, there is no...
CVE-2019-12252
In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges guest can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail¬ifyTo=SOLFORWARD&id= substring...
JBoss Application Server Web Console Authentication bypass
The Web Console aka web-console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an...
CVE-2008-2849
Cross-site scripting XSS vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors...