9 matches found
BIT-DISCOURSE-2022-37458
Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate...
CVE-2024-1044
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
Design/Logic Flaw
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
CVE-2024-1044
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
Discourse < 2.8.8 Email Invitation Vulnerability
Discourse is prone to a vulnerability where email invitations to topics are not rate limited in some cases. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2022-37458
Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate...
JVN#08951968 MailDwarf vulnerability allows unauthorized sending of emails
Impact A remote attacker may be able to send unsolicited mails to arbitrary email addresses. Solution Products Affected MailDwarf ver3.01 or earlier...
JVN#11048526 mail f/w system vulnerable to allow unauthorized email transmissionk
Impact A remote attacker may exploit this vulnerability to send unsolicited mails to arbitrary email addresses. Solution Products Affected mail f/w system 8.2 and earlier...