6 matches found
CVE-2024-32146
Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1...
CVE-2024-32146
CVE-2024-32146 corresponds to a Missing Authorization vulnerability in the Aspose.Words Exporter (Aspose.Cloud Marketplace) for WordPress. Affected product: Aspose.Words Exporter
WordPress Aspose.Words Exporter Plugin <= 6.3.1 is vulnerable to Broken Access Control
Software Aspose.Words Exporter Type Plugin Vulnerable versions = 6.3.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32146 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 11984c3d7834 Credits Abdi Pranata Required...
WordPress Aspose.Words Exporter plugin 1.0 - Arbitrary File Download
WordPress Aspose.Words Exporter plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Update the plugin...
Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download
The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permission or validate the file parameter, allowing unauthenticated user to download any file from the...
Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download
The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permission or validate the file parameter, allowing unauthenticated user to download any file from the...