9 matches found
EUVD-2024-32855
Malicious code in bioql PyPI...
CVE-2024-10003
The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 3.0.0.2903. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2024-10003
The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 3.0.0.2903. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2024-10002
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905. This is due to insufficient validation and capability check on the 'roveridxrefreshsocialcallback' function. This makes it possible for authenticated attackers, with...
CVE-2024-10003
CVE-2024-10003 (Rover IDX for WordPress) affects Rover IDX plugin, versions up to 3.0.0.2903. Root cause is a missing capability check on multiple functions, enabling authenticated attackers with subscriber-level access or higher to add, modify, or delete plugin options, potentially leading to un...
PT-2024-15968 · WordPress · Rover Idx Plugin
Name of the Vulnerable Software and Affected Versions: Rover IDX plugin for WordPress versions up to, and including, 3.0.0.2903 Description: The issue allows unauthorized access, modification, and loss of data due to a missing capability check on multiple functions. This makes it possible for...
WordPress plugin Rover IDX security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
WordPress Rover IDX plugin <= 3.0.0.2903 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions vulnerability
Authenticated Subscriber+ Missing Authorization via Multiple Functions vulnerability discovered by István Márton in WordPress Plugin Rover IDX versions <= 3.0.0.2903...
PT-2024-15967 · WordPress · Rover Idx Plugin
Name of the Vulnerable Software and Affected Versions: Rover IDX plugin for WordPress versions up to and including 3.0.0.2905 Description: The issue arises from insufficient validation and capability check on the rover idx refresh social callback function, allowing authenticated attackers with...