7 matches found
WordPress Multicollab: Content Team Collaboration and Editorial Workflow plugin <= 5.2 - Missing Authorization to Authenticated (Subscriber+) Collaboration Comment vulnerability
Missing Authorization to Authenticated Subscriber+ Collaboration Comment vulnerability discovered by Jigar Bhanushali Jigar787 - https://jigarbhanushali.com/ in WordPress Plugin Multicollab – Google Doc-Style Editorial Commenting for WordPress versions = 5.2...
WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Trash Restore vulnerability
Missing Authorization to Authenticated Subscriber+ Trash Restore vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System versions = 3.3.1...
WordPress WP Login and Register using JWT plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ API Key Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin WP Login and Register using JWT versions = 3.0.0...
WordPress Easy Form Builder plugin <= 3.8.8 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Easy Form Builder versions = 3.8.8...
WordPress WordPress File Upload plugin <= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path Traversal vulnerability
Missing Authorization to Authenticated Subscriber+ Limited Path Traversal vulnerability discovered by Lucio Sá in WordPress Plugin WordPress File Upload versions = 4.24.15...
WordPress One Click Order Re-Order plugin <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin One Click Order Re-Order versions = 1.1.9...
CVE-2023-23660
Auth. subscriber+ SQL Injection SQLi vulnerability in MainWP MainWP Maintenance Extension plugin = 4.1.1 versions...