The vulnerability of the vibebp_register_user() function in the scenario included in the class.js file of the VibeBP plugin, a content management system for WordPress, allows a hacker to escalate their privileges.

The vulnerability of the vibebpregisteruser function in the class included in the class.js file of the VibeBP plugin, a content management system for WordPress, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to increase their privileges remotel...

CVE-2024-56040 WordPress VibeBP plugin <= 1.9.9.4.1 - Unauthenticated Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP vibebp allows Privilege Escalation.This issue affects VibeBP: from n/a through = 1.9.9.4.1...

CVE-2024-56040 WordPress VibeBP plugin <= 1.9.9.4.1 - Unauthenticated Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP allows Privilege Escalation.This issue affects VibeBP: from n/a through 1.9.9.4.1...

CVE-2024-56041

CVE-2024-56041 affects the WordPress/VibeBP plugin. The vulnerability is an SQL Injection due to improper neutralization of special elements in SQL commands in VibeBP versions prior to 1.9.9.5.1. The issue is documented across multiple sources (NVD, Red Hat, CVE lists, Patchstack, CNNVD) and has ...

CVE-2024-56041 WordPress VibeBP plugin < 1.9.9.5.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes VibeBP vibebp allows SQL Injection.This issue affects VibeBP: from n/a through 1.9.9.5.1...

CVE-2024-56039 WordPress VibeBP plugin < 1.9.9.7.7 - Unauthenticated SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes VibeBP vibebp allows SQL Injection.This issue affects VibeBP: from n/a through 1.9.9.7.7...

WordPress VibeBP plugin < 1.9.9.5.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin VibeBP versions 1.9.9.5.1...

WordPress VibeBP plugin <= 1.9.9.4.1 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin VibeBP versions = 1.9.9.4.1...

WordPress VibeBP plugin < 1.9.9.7.7 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin VibeBP versions 1.9.9.7.7...

PT-2024-9989 · WordPress · Vibebp

Name of the Vulnerable Software and Affected Versions: VibeBP versions 1.9.9.4.1 and earlier Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation. This vulnerability is associated with the vibebp register user function in the...