Lucene search
+L

4 matches found

NVD
NVD
added 2024/11/01 3:15 p.m.29 views

CVE-2024-38690

Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress Virtual Tour Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iPanorama 360 WordPress Virtual Tour Builder: from n/a through 1.8.3...

5.3CVSS0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.5 views

PT-2024-28135 · Avirtum · Avirtum Ipanorama 360 Wordpress Virtual Tour Builder

Name of the Vulnerable Software and Affected Versions: Avirtum iPanorama 360 WordPress Virtual Tour Builder versions 1.8.3 and earlier Description: The issue affects the Avirtum iPanorama 360 WordPress Virtual Tour Builder, allowing access to functionality not properly constrained by Access Contr...

5.3CVSS6.6AI score0.00409EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.11 views

WordPress iPanorama 360 WordPress Virtual Tour Builder Plugin <= 1.8.3 is vulnerable to Broken Access Control

Software iPanorama 360 WordPress Virtual Tour Builder Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38690 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 070f425a0f60 Credits...

5.3CVSS6.3AI score0.00409EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/10/19 2:15 a.m.28 views

CVE-2023-5336

The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

8.8CVSS8.7AI score0.00618EPSS
Exploits0References3
Rows per page
Query Builder