5 matches found
CVE-2024-2038
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible fo...
EUVD-2023-51655
Malicious code in bioql PyPI...
EUVD-2024-50598
Malicious code in bioql PyPI...
CVE-2024-12104 Visual Website Collaboration, Feedback & Project Management – Atarim <= 4.0.9 - Missing Authorization to Authenticated (Subscriber+) Project Page/File Deletion
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfdeletefile and wpfdeletefile functions in all versions up to, and including, 4.0.9. This makes it possible for...
CVE-2024-12104
CVE-2024-12104 documents a vulnerability in Visual Website Collaboration, Feedback & Project Management – Atarim (WordPress) where all versions up to 4.0.9 lack a required capability check on wpf_delete_file and wpf_delete_file functions. This permits unauthenticated attackers to delete project p...