Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2025/04/10 7:2 a.m.4 views

CVE-2025-2719 Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Swatchly – WooCommerce Variation Swatches for Products product attributes: Image swatch, Color swatches, Label swatches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in versions 1.2.8 to 1.4.0. This makes ...

6.5CVSS5.3AI score0.00269EPSS
Exploits0References2
OSV
OSV
added 2024/05/21 9:15 a.m.11 views

CVE-2024-4875

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajaxdismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00755EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.7 views

PT-2024-31719 · Unknown +1 · Woocommerce +1

Name of the Vulnerable Software and Affected Versions: ShopLentor plugin for WordPress versions up to, and including, 2.8.8 Description: The issue is related to a missing capability check on the ajax dismiss function, which allows authenticated attackers with contributor-level access and above to...

7.1CVSS6.8AI score0.00406EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.10 views

PT-2024-33201 · WordPress · Ht Mega – Absolute Addons For Elementor

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions up to, and including, 2.5.2 Description: The issue is related to a missing capability check on the ajax dismiss function, allowing authenticated attackers with...

4.3CVSS6.6AI score0.00755EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.5 views

WordPress Plugin ShopLentor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS6.3AI score0.00406EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2024/05/21 12:0 a.m.8 views

ShopLentor < 2.8.9 - Authenticated Option Update

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function. This makes it possible for authenticated attackers, with contributor-level access and above, to set arbitrary WordPress options to "true". NOTE: This...

7.1CVSS6.6AI score0.00406EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder