WordPress Categorify plugin <= 1.0.7.4 - Missing Authorization in categorifyAjaxRenameCategory vulnerability

Missing Authorization in categorifyAjaxRenameCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Categorify plugin <= 1.0.7.4 - Missing Authorization in categorifyAjaxClearCategory vulnerability

Missing Authorization in categorifyAjaxClearCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Categorify plugin <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory vulnerability

Cross-Site Request Forgery via categorifyAjaxDeleteCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Categorify plugin <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxClearCategory vulnerability

Cross-Site Request Forgery via categorifyAjaxClearCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Categorify plugin <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition vulnerability

Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

Grandstream GXP1625 安全漏洞

The Grandstream GXP1625 is an enterprise IP phone from Grandstream USA. A security vulnerability exists in the Grandstream GXP1625 version 1.0.7.4, which originates from an incorrect manipulation of the parameter vpnip in the file /cgi-bin/api.values.post in the component Network Status Page, whi...

EUVD-2024-17387

Malicious code in bioql PyPI...

CVE-2024-1653

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

Design/Logic Flaw

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxAddCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

PT-2024-15519 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue allows authenticated attackers with subscriber-level access and above to modify data without proper authorization. This is due to a missing capabili...

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-1650

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1652

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1649

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-1907 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxDeleteCategory function. This makes it possible for unauthenticated attackers to delete categori...

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-18198 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory...

PT-2024-18201 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue is related to a missing capability check on the categorifyAjaxUpdateFolderPosition function, allowing authenticated attackers with subscriber-level...

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...