4 matches found
CVE-2024-13643 Zox News <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backupoptions and resetoptions functions i...
WordPress Zox News plugin <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Options Modification vulnerability discovered by Lucio Sá in WordPress Theme Zox News versions = 3.17.0...
WordPress Zox News plugin <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Tonn in WordPress Theme Zox News versions = 3.16.0...
WordPress plugin Zox News 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...