Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-44178

Malicious code in bioql PyPI...

7.1CVSS6.3AI score0.00406EPSS
Exploits0References3
OSV
OSV
added 2024/05/21 9:15 a.m.4 views

CVE-2024-4566

The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in all versions up to, and including, 2.8.8. This makes it possible for authenticated attackers, with contributor-level access and above, to set...

7.1CVSS5.8AI score0.00406EPSS
Exploits0References3
CVE
CVE
added 2024/05/21 8:31 a.m.69 views

CVE-2024-4566

CVE-2024-4566 affects ShopLentor – WooCommerce Builder for WordPress. Wordfence and Red Hat entries confirm a missing capability check in ajax_dismiss across all versions

7.1CVSS6.4AI score0.00406EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/05/21 8:31 a.m.21 views

CVE-2024-4566 ShopLentor <= 2.8.8 - Missing Authorization to WordPress Option Modification

The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in all versions up to, and including, 2.8.8. This makes it possible for authenticated attackers, with contributor-level access and above, to set...

7.1CVSS6.8AI score0.00406EPSS
Exploits0References3
CVE
CVE
added 2024/05/21 8:31 a.m.66 views

CVE-2024-4875

CVE-2024-4875 affects the HT Mega – Absolute Addons For Elementor WordPress plugin. A missing capability check in ajax_dismiss in versions up to 2.5.2 allows authenticated users with subscriber-level permissions and above to modify options such as users_can_register, enabling unauthorized user re...

4.3CVSS6.3AI score0.00755EPSS
Exploits1References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/21 12:0 a.m.13 views

HT Mega < 2.5.3 - Subscriber+ Options Update

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxdismiss' function, allowing authenticated attackers, with subscriber-level permissions and above, to update options such as userscanregister, which can lead to unauthorized user...

4.3CVSS6.5AI score0.00755EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder