2 matches found
CVE-2025-49350
The CVE-2025-49350 entry concerns the WordPress Actionwear products sync plugin (versions up to 2.3.3). The root cause is a missing authorization due to incorrectly configured access control, leading to a broken access control vulnerability. Affected software is the Actionwear products sync plugi...
WordPress WP Media Category Management plugin 2.0-2.3.3 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by luckybuddy in WordPress Plugin WP Media Category Management versions 2.0-2.3.3...