CVE-2024-5770

The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxsavesetting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permission...

PT-2024-37136 · WordPress · Wp Force Ssl & Https Ssl Redirect

Name of the Vulnerable Software and Affected Versions: WP Force SSL & HTTPS SSL Redirect plugin for WordPress versions up to, and including, 1.66 Description: The issue is related to unauthorized modification of data due to a missing capability check on the ajax save setting function. This allows...