9 matches found
WordPress Paid Memberships Pro plugin < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure vulnerability
Contributor+ Arbitrary User Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Paid Memberships Pro versions 2.12.9...
WordPress Pmpro Membership Maps Plugin < 0.7 is vulnerable to Sensitive Data Exposure
Software Pmpro Membership Maps Type Plugin Vulnerable versions 0.7 Fixed in 0.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1286 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a7b3657c40ef Credits Scott Kingsley Clark...
WordPress Kadence Blocks Pro Plugin < 2.3.8 is vulnerable to Broken Access Control
Software Kadence Blocks Pro Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1330 Patch priority Low CVSS severity Low 4.3 Developer KadenceWP PSID 0488c91e76be Credits Scott Kingsley Clark Required...
WordPress WooCommerce plugin < 8.6 - Contributor+ Private/Draft Products Access vulnerability
Contributor+ Private/Draft Products Access vulnerability discovered by Scott Kingsley Clark in WordPress Plugin WooCommerce versions 8.6...
WordPress Meta Box plugin < 5.9.4 - Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability
Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Meta Box – WordPress Custom Fields Framework versions 5.9.4...
CVE-2024-32102
Cross-Site Request Forgery CSRF vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0...
CVE-2024-32102 WordPress Crony Cronjob Manager plugin <= 0.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0...
CVE-2024-32102
CVE-2024-32102 is a Cross-Site Request Forgery vulnerability in Crony Cronjob Manager for WordPress, affecting Crony Cronjob Manager: from n/a through 0.5.0. Connected sources confirm the flaw is CSRF and that exploitation could allow unauthorized actions without formal user interaction details; ...
WordPress Formidable Registration Plugin < 2.12 is vulnerable to Broken Authentication
Software Formidable Registration Type Plugin Vulnerable versions 2.12 Fixed in 2.12 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2024-1290 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID de229a590aad Credits Scott Kingsley Clark...