Lucene search
K

9 matches found

OSV
OSV
added 2024/03/06 11:4 a.m.19 views

BIT-DISCOURSE-2022-37458

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate...

7.2CVSS6.9AI score0.01108EPSS
Exploits0References4
NVD
NVD
added 2024/02/29 1:43 a.m.19 views

CVE-2024-1044

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...

5.3CVSS5.2AI score0.00409EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.25 views

Design/Logic Flaw

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...

5CVSS7.1AI score0.00409EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.28 views

CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...

5.3CVSS5.5AI score0.00409EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.20 views

CVE-2024-1044

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...

5.3CVSS6.8AI score0.00409EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/09/05 12:0 a.m.17 views

Discourse < 2.8.8 Email Invitation Vulnerability

Discourse is prone to a vulnerability where email invitations to topics are not rate limited in some cases. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.2CVSS6.9AI score0.01108EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/02 11:28 a.m.27 views

CVE-2022-37458

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate...

7.2AI score0.01108EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/03/30 12:0 a.m.19 views

JVN#08951968 MailDwarf vulnerability allows unauthorized sending of emails

Impact A remote attacker may be able to send unsolicited mails to arbitrary email addresses. Solution Products Affected MailDwarf ver3.01 or earlier...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/08/23 12:0 a.m.14 views

JVN#11048526 mail f/w system vulnerable to allow unauthorized email transmissionk

Impact A remote attacker may exploit this vulnerability to send unsolicited mails to arbitrary email addresses. Solution Products Affected mail f/w system 8.2 and earlier...

7.3AI score
Exploits0
Rows per page
Query Builder