84 matches found
CVE-2024-7621
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processwpfeedbackmiscoptions function in all versions up to, and including, 4.0.2. This makes it possible for...
WordPress Atarim plugin <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Atarim versions = 4.0.2...
WordPress plugin Atarim 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-7621
The CVE-2024-7621 entry concerns the Visual Website Collaboration, Feedback & Project Management – Atarim WordPress plugin. Root cause: missing capability check in process_wpfeedback_misc_options() allowed authenticated users with Subscriber level or higher to modify plugin settings and, by exten...
PT-2024-38458 · WordPress · Atarim
Name of the Vulnerable Software and Affected Versions: Atarim plugin for WordPress versions prior to 4.0.3 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data due to a missing capability check on the process wpfeedback misc options function...
WordPress Atarim plugin <= 4.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by piro Patchstack Alliance in WordPress Plugin Atarim versions = 4.0...
WordPress Atarim Plugin <= 4.0 is vulnerable to Broken Access Control
Software Atarim Type Plugin Vulnerable versions = 4.0 Fixed in 4.0.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-38771 Patch priority Medium CVSS severity Medium 6.5 Developer Atarim PSID 7e5566c5bcde Credits piro Required privilege Unauthenticated...
WordPress Atarim plugin <= 3.31 - Authenticated Cross Site Scripting (XSS) vulnerability
Authenticated Cross Site Scripting XSS vulnerability discovered by piro Patchstack Alliance in WordPress Plugin Atarim versions = 3.31...
WordPress Atarim Plugin <= 3.31 is vulnerable to Cross Site Scripting (XSS)
Software Atarim Type Plugin Vulnerable versions = 3.31 Fixed in 3.32 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37434 Patch priority Low CVSS severity Low 5.9 Developer Atarim PSID c53738d448b9 Credits piro Required privilege Administrator Published 28 June,...
WordPress Atarim plugin <= 3.30 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Robert DeVore in WordPress Plugin Atarim versions = 3.30...
WordPress Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.22.6 - Hardcoded Credentials vulnerability
Hardcoded Credentials vulnerability discovered by Lucio Sá in WordPress Plugin Atarim versions = 3.22.6...
CVE-2024-2038
CVE-2024-2038 affects the Visual Website Collaboration, Feedback & Project Management – Atarim WordPress plugin. The vulnerability arises from hardcoded credentials used to authenticate all incoming API requests, enabling unauthorized access. Exploitation allows unauthenticated attackers to modif...
CVE-2023-47544
Unauth. Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...
CVE-2023-47544
Unauth. Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...
Cross site scripting
Unauth. Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...
CVE-2023-47544 WordPress Atarim Plugin <= 3.12 is vulnerable to Cross Site Scripting (XSS)
Unauth. Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...
CVE-2023-47544 WordPress Atarim Plugin <= 3.12 is vulnerable to Cross Site Scripting (XSS)
Unauth. Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...
PT-2023-30494 · Atarim · Atarim Visual Website Collaboration
Name of the Vulnerable Software and Affected Versions: Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin versions prior to 3.12 Description: The issue is related to an Unauth. Stored Cross-Site Scripting XSS vulnerability. This means that an attacker can inject...
CVE-2023-37393
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.9.3 versions...
CVE-2023-37393
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.9.3 versions...