147 matches found
WordPress Marketing Automation by AZEXO Plugin <= 1.27.80 is vulnerable to Privilege Escalation
Software Marketing Automation by AZEXO Type Plugin Vulnerable versions = 1.27.80 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50506 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3eb031584d8d...
WordPress Signup Page Plugin <= 1.0 is vulnerable to Privilege Escalation
Software Signup Page Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50475 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 15ed63623277 Credits Mika Required...
WordPress MaanStore API Plugin <= 1.0.1 is vulnerable to Broken Authentication
Software MaanStore API Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50487 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 80e67caa15fa Credits...
WordPress Wux Blog Editor Plugin <= 3.0.0 is vulnerable to Broken Authentication
Software Wux Blog Editor Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9931 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 140fce8f5a83 Credits István...
WordPress Token Login Plugin <= 1.0.3 is vulnerable to Broken Authentication
Software Token Login Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50488 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 18531b1d1720 Credits stealthcopte...
WordPress Realty Workstation Plugin <= 1.0.45 is vulnerable to Broken Authentication
Software Realty Workstation Type Plugin Vulnerable versions = 1.0.45 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50489 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 8f086511377f Credits...
WordPress Extensions by HocWP Team Plugin <= 0.2.3.2 is vulnerable to Broken Authentication
Software Extensions by HocWP Team Type Plugin Vulnerable versions = 0.2.3.2 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9930 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7d51f78c234b Credit...
WordPress WPS Telegram Chat Plugin <= 4.5.4 is vulnerable to Broken Access Control
Software WPS Telegram Chat Type Plugin Vulnerable versions = 4.5.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-9628 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 35d166ea4c51 Credits...
WordPress WooCommerce Order Proposal Plugin <= 2.0.5 is vulnerable to Broken Authentication
Software WooCommerce Order Proposal Type Plugin Vulnerable versions = 2.0.5 Fixed in 2.0.6 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9927 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID d873b6f7fa89 Credit...
WordPress Simple User Registration Plugin <= 6.0 is vulnerable to Broken Authentication
Software Simple User Registration Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49604 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 22ee8177d626 Credits...
WordPress Miniorange OTP Verification with Firebase Plugin <= 3.6.0 is vulnerable to Broken Authentication
Software Miniorange OTP Verification with Firebase Type Plugin Vulnerable versions = 3.6.0 Fixed in 3.6.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9861 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID...
WordPress BuddyPress Better Registration Plugin <= 1.6 is vulnerable to Broken Authentication
Software BuddyPress Better Registration Type Plugin Vulnerable versions = 1.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49247 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4288fed05f70...
WordPress JupiterX Core Plugin <= 4.7.5 is vulnerable to Broken Authentication
Software JupiterX Core Type Plugin Vulnerable versions = 4.7.5 Fixed in 4.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-7781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 4950f50fad7a Credits Geo Void...
WordPress Uncanny Groups for LearnDash Plugin <= 6.1.0.1 is vulnerable to Privilege Escalation
Software Uncanny Groups for LearnDash Type Plugin Vulnerable versions = 6.1.0.1 Fixed in 6.1.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8349 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 0a9f41b67f...
WordPress WC Marketplace Plugin <= 4.2.0 is vulnerable to Privilege Escalation
Software WC Marketplace Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8289 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 9025ce00a31d Credits wesley...
openldap: null pointer dereference in ber_memalloc_x function
A vulnerability was found in OpenLDAP, in bermemallocx function, leading to a null pointer dereference. This flaw can result in reduced system memory and cause LDAP authentication failures. The impact is primarily a disruption in authentication processes, which may hinder user access or service...
WordPress WPForms User Registration Plugin <= 2.1.0 is vulnerable to Privilege Escalation
Software WPForms User Registration Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.1.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-52209 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID 78ca3b70599d Credits...
Citrix Endpoint Management: Active Directory Issues
Introduction Active Directory AD integration issues in XenMobile can range from synchronization errors to authentication failures and configuration complications. This series of articles offers troubleshooting guidance and best practices to address these challenges, ensuring smooth operation and...
WordPress MStore API Plugin <= 4.14.7 is vulnerable to Broken Authentication
Software MStore API Type Plugin Vulnerable versions = 4.14.7 Fixed in 4.15.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-6328 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID eb61c3a933bb Credits Truoc Phan...
WordPress Pie Register (Add on) - Social Sites Login Plugin <= 1.7.7 is vulnerable to Broken Authentication
Software Pie Register Add on - Social Sites Login Type Plugin Vulnerable versions = 1.7.7 Fixed in 1.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-4544 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID...