Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/07/04 4:11 a.m.13 views

CVE-2025-4654

The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the makesignature function in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create/edit/delete Soumettr...

3.7CVSS7.1AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/02 3:47 a.m.7 views

CVE-2025-4654 Soumettre.fr <= 2.1.5 - Improper Authorization to Unauthenticated Soumettre Posts Creation/Modification/Deletion

The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the makesignature function in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create/edit/delete Soumettr...

3.7CVSS7AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2025/07/02 3:47 a.m.33 views

CVE-2025-4654

CVE-2025-4654 – WordPress Soumettre.fr plugin : The vulnerability arises from improper authorization checks in the make_signature function, affecting all versions up to 2.1.5. This allows unauthenticated attackers to create, edit, or delete Soumettre posts, but only on installations where the sou...

3.7CVSS6.8AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.5 views

WordPress plugin Soumettre.fr 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An authorization issue vulnerability exists in WordPress Soumettre.fr, which stems from an improper authorization check in the makesignature function, and can be exploited ...

3.7CVSS6.7AI score0.00226EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/01 8:41 a.m.7 views

WordPress Soumettre.fr plugin <= 2.1.3 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Peter Thaleikis in WordPress Plugin Soumettre.fr versions = 2.1.3...

4.3CVSS7AI score0.00346EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/10/01 8:15 a.m.15 views

CVE-2024-8675

The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/01 7:30 a.m.24 views

CVE-2024-8675 Soumettre.fr <= 2.1.3 - Missing Authorization

The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00346EPSS
Exploits0References3
CVE
CVE
added 2024/10/01 7:30 a.m.77 views

CVE-2024-8675

CVE-2024-8675 – Soumettre.fr (WordPress) is a Broken Access Control vulnerability in all versions up to 2.1.2 where a missing capability check in the soumettre_disconnect_gateway function allows authenticated users with Subscriber-level access or higher to modify data, specifically disconnect the...

4.3CVSS5.9AI score0.00346EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/01 7:30 a.m.14 views

CVE-2024-8675 Soumettre.fr <= 2.1.3 - Missing Authorization

The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettredisconnectgateway function in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.9AI score0.00346EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.12 views

WordPress Soumettre.fr Plugin <= 2.1.2 is vulnerable to Broken Access Control

Software Soumettre.fr Type Plugin Vulnerable versions = 2.1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8675 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4522ceb2a73c Credits Peter Thaleikis Required privilege...

4.3CVSS4.5AI score0.00346EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.6 views

WordPress plugin Soumettre.fr 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00346EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.9 views

PT-2024-39169 · WordPress · Soumettre.Fr

Name of the Vulnerable Software and Affected Versions: Soumettre.fr plugin for WordPress versions up to, and including, 2.1.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data without authorization due to a missing capability check on the...

4.3CVSS7AI score0.00346EPSS
Exploits0References7
Rows per page
Query Builder