Lucene search
K

14 matches found

OSV
OSV
added 2024/10/25 8:15 a.m.5 views

CVE-2024-9628

The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'WpsTelegramChatAdmin::checkСonnection' function in versions up to, and including, 4.5.4. This makes it possible for authenticated attackers, wit...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References2
NVD
NVD
added 2024/10/25 8:15 a.m.57 views

CVE-2024-9628

The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'WpsTelegramChatAdmin::checkСonnection' function in versions up to, and including, 4.6.0. This makes it possible for authenticated attackers, wit...

6.5CVSS0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 7:38 a.m.18 views

CVE-2024-9628 WPS Telegram Chat <= 4.6.0 - Authenticated (Subscriber+) Unauthorized Access to Telegram Bot API

The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'WpsTelegramChatAdmin::checkСonnection' function in versions up to, and including, 4.6.0. This makes it possible for authenticated attackers, wit...

6.3CVSS5.9AI score0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 7:38 a.m.12 views

CVE-2024-9630 WPS Telegram Chat <= 4.6.0 - Missing Authorization to Information Exposure

The WPS Telegram Chat plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when accessing messages in versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to view the messages that are sent through the Telegram Bot API...

5.4CVSS5.9AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 7:38 a.m.46 views

CVE-2024-9628 WPS Telegram Chat <= 4.6.0 - Authenticated (Subscriber+) Unauthorized Access to Telegram Bot API

The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'WpsTelegramChatAdmin::checkСonnection' function in versions up to, and including, 4.6.0. This makes it possible for authenticated attackers, wit...

6.3CVSS0.00267EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 7:38 a.m.28 views

CVE-2024-9630 WPS Telegram Chat <= 4.6.0 - Missing Authorization to Information Exposure

The WPS Telegram Chat plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when accessing messages in versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to view the messages that are sent through the Telegram Bot API...

5.4CVSS0.00263EPSS
Exploits0References2
CVE
CVE
added 2024/10/25 7:38 a.m.91 views

CVE-2024-9630

The CVE-2024-9630 entry concerns the WPS Telegram Chat plugin for WordPress. Affected versions: up to 4.5.4. Root cause: missing capability check when accessing messages, resulting in an authorization bypass. Impact: unauthenticated attackers can view messages sent through the Telegram Bot API (i...

5.4CVSS5.9AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/10/25 7:38 a.m.97 views

CVE-2024-9628

CVE-2024-9628 affects the WordPress plugin WPS Telegram Chat . The vulnerability arises from a missing capability check in the function Wps_Telegram_Chat_Admin::checkСonnection , in versions up to and including 4.5.4 . This design flaw enables authenticated attackers with subscriber-level access ...

6.5CVSS5.9AI score0.00267EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.6 views

WordPress plugin WPS Telegram Chat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.5AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.6 views

WordPress plugin WPS Telegram Chat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.3AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.8 views

PT-2024-39728 · WordPress · Wps Telegram Chat

Name of the Vulnerable Software and Affected Versions: WPS Telegram Chat plugin for WordPress versions up to, and including, 4.5.4 Description: The issue allows authenticated attackers with subscriber-level access and above to have full access to the Telegram Bot API endpoint and communicate with...

6.5CVSS6.4AI score0.00267EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/10/24 10:7 p.m.7 views

WordPress WPS Telegram Chat plugin <= 4.5.4 - Authenticated (Subscriber+) Unauthorized Access to Telegram Bot API vulnerability

Authenticated Subscriber+ Unauthorized Access to Telegram Bot API vulnerability discovered by István Márton in WordPress Plugin WPS Telegram Chat versions = 4.5.4...

6.5CVSS7AI score0.00267EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.17 views

WordPress WPS Telegram Chat Plugin <= 4.5.4 is vulnerable to Broken Access Control

Software WPS Telegram Chat Type Plugin Vulnerable versions = 4.5.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-9628 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 35d166ea4c51 Credits...

6.5CVSS6.5AI score0.00267EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.20 views

WordPress WPS Telegram Chat Plugin <= 4.5.4 is vulnerable to Broken Access Control

Software WPS Telegram Chat Type Plugin Vulnerable versions = 4.5.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9630 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9cb16fad33b1 Credits István Márton Required privile...

5.4CVSS6.5AI score0.00263EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder