6 matches found
EUVD-2025-12131
Malicious code in bioql PyPI...
CVE-2024-13307
The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'realesdeletefile', 'realesdeletefileplans', 'realesaddtofavourites', and 'realesremovefromfavourites' functions in all versions up...
CVE-2024-13307 Reales WP - Real Estate WordPress Theme <= 2.1.2 - Missing Authorization to Unauthenticated Attachment Deletion and Favorite Property Updates
The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'realesdeletefile', 'realesdeletefileplans', 'realesaddtofavourites', and 'realesremovefromfavourites' functions in all versions up...
CVE-2024-13307 Reales WP - Real Estate WordPress Theme <= 2.1.2 - Missing Authorization to Unauthenticated Attachment Deletion and Favorite Property Updates
The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'realesdeletefile', 'realesdeletefileplans', 'realesaddtofavourites', and 'realesremovefromfavourites' functions in all versions up...
WordPress Reales WP theme <= 2.1.2 - Missing Authorization to Unauthenticated Attachment Deletion and Favorite Property Updates vulnerability
Missing Authorization to Unauthenticated Attachment Deletion and Favorite Property Updates vulnerability discovered by Lucio Sá in WordPress Theme Reales WP versions = 2.1.2...
WordPress Reales WP Theme <= 2.1.2 is vulnerable to Broken Access Control
Software Reales WP Type Theme Vulnerable versions = 2.1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-13307 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 235c47c33cda Credits Lucio Sá Required privilege...