EUVD-2024-28464

Malicious code in bioql PyPI...

CVE-2024-30544

Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30544

Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30544

Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30544

CVE-2024-30544 is a Missing Authorization (broken access control) vulnerability in UPQODE Whizzy (WordPress plugin). The issue affects Whizzy versions up to 1.1.18 and could allow unauthorized access due to insufficient access-control checks. Public sources in the connected documents identify the...

CVE-2024-30544 WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30544 WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...

WordPress plugin Whizzy security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-23474 · Upqode · Upqode Whizzy

Name of the Vulnerable Software and Affected Versions: UPQODE Whizzy versions 1.1.18 and earlier Description: A Missing Authorization issue affects the software, potentially allowing unauthorized access. The estimated number of affected devices is not specified. There is no information about...

Whizzy <= 1.1.18 - Missing Authorization

Description The Whizzy plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.18. This makes it possible for unauthenticated attackers to perform an unauthorized action...

Whizzy <= 1.1.18 - Authenticated (Subscriber+) Insecure Direct Object Reference

Description The Whizzy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.18 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

CVE-2024-30543

CVE-2024-30543 is an authorization bypass via a user-controlled key in the UPQODE Whizz/Whizzy WordPress plugin, affecting versions from n/a to 1.1.18. The CVSS 3.1 base score is 6.5 (Network attack, Low attack complexity, Privileges Required: None, User Interaction: None, Confidentiality/Integri...

CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

WordPress Plugin Whizzy 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-23473 · Whizzy · Whizzy

Name of the Vulnerable Software and Affected Versions: Whizzy versions 1.1.18 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. Recommendations: For versions 1.1.18 and earlier, update to a version that contains a fix for this issu...

WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Whizzy versions = 1.1.18...

WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Whizzy versions = 1.1.18...

WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Broken Access Control

Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-30544 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c8ad96cc8257 Credits Steven Julian Required privilege...

WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Insecure Direct Object References (IDOR)

Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-30543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 58661e758181 Credits Steven Julian Required...