WordPress Tutor LMS Plugin <= 2.7.6 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.6 Fixed in 2.7.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10393 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 196d31d95c65 Credits 1337Wannabe...

WordPress MStore API Plugin <= 4.14.7 is vulnerable to Broken Authentication

Software MStore API Type Plugin Vulnerable versions = 4.14.7 Fixed in 4.15.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-6328 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID eb61c3a933bb Credits Truoc Phan...

WordPress Simple Membership Plugin <= 4.3.4 is vulnerable to Privilege Escalation

Software Simple Membership Type Plugin Vulnerable versions = 4.3.4 Fixed in 4.3.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41957 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 1bb17eda4daa Credits Rafie...

WordPress JupiterX Core Plugin <= 3.3.8 is vulnerable to Privilege Escalation

Software JupiterX Core Type Plugin Vulnerable versions = 3.3.8 Fixed in 3.4.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-38389 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID bb67776164d1 Credits Rafie...