12 matches found
CVE-2025-4654
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the makesignature function in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create/edit/delete Soumettr...
CVE-2025-4654 Soumettre.fr <= 2.1.5 - Improper Authorization to Unauthenticated Soumettre Posts Creation/Modification/Deletion
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the makesignature function in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create/edit/delete Soumettr...
CVE-2025-4654
CVE-2025-4654 – WordPress Soumettre.fr plugin : The vulnerability arises from improper authorization checks in the make_signature function, affecting all versions up to 2.1.5. This allows unauthenticated attackers to create, edit, or delete Soumettre posts, but only on installations where the sou...
WordPress plugin Soumettre.fr 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An authorization issue vulnerability exists in WordPress Soumettre.fr, which stems from an improper authorization check in the makesignature function, and can be exploited ...
WordPress Soumettre.fr plugin <= 2.1.3 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Peter Thaleikis in WordPress Plugin Soumettre.fr versions = 2.1.3...
CVE-2024-8675
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-8675 Soumettre.fr <= 2.1.3 - Missing Authorization
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-8675
CVE-2024-8675 – Soumettre.fr (WordPress) is a Broken Access Control vulnerability in all versions up to 2.1.2 where a missing capability check in the soumettre_disconnect_gateway function allows authenticated users with Subscriber-level access or higher to modify data, specifically disconnect the...
CVE-2024-8675 Soumettre.fr <= 2.1.3 - Missing Authorization
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...
WordPress Soumettre.fr Plugin <= 2.1.2 is vulnerable to Broken Access Control
Software Soumettre.fr Type Plugin Vulnerable versions = 2.1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8675 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4522ceb2a73c Credits Peter Thaleikis Required privilege...
WordPress plugin Soumettre.fr 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-39169 · WordPress · Soumettre.Fr
Name of the Vulnerable Software and Affected Versions: Soumettre.fr plugin for WordPress versions up to, and including, 2.1.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data without authorization due to a missing capability check on the...