34 matches found
EUVD-2019-6100
Malware in sbrugna...
CVE-2023-7268 ArtPlacer Widget < 2.21.2 - Subscriber+ Arbitrary Widget Deletion
The ArtPlacer Widget WordPress plugin before 2.21.2 does not have an authorisation check in place when deleting widgets, allowing any authenticated user, such as a subscriber, to delete arbitrary widgets...
CVE-2024-5570
CVE-2024-5570 affects the Simple Photoswipe WordPress plugin (version
CVE-2022-0775
The WooCommerce WordPress plugin before 6.2.1 does not have a proper authorisation check when deleting reviews, which could allow any authenticated user, such as a subscriber, to delete arbitrary comment...
WooCommerce Canada Post Shipping < 2.8.4 - Unauthenticated Unauthorised Action
Description: The plugin does not have an authorisation check in one of its actions, which could allow unauthenticated users to perform an unauthorised action...
Integrate Google Drive < 1.3.4 - Subscriber+ Settings Update
Description: The plugin does not have an authorisation check when updating its settings, which could allow any authenticated user, such as a subscriber, to update them...
Product Expiry for WooCommerce < 2.6 - Subscriber+ Settings Update
Description: The plugin does not have an authorisation check when updating its settings, which could allow any authenticated user, such as a subscriber, to update them...
GTG Product Feed for Shopping <= 1.2.4 - Unauthenticated Settings Update
Description: The plugin does not have an authorisation check when updating its settings, which could allow unauthenticated users to update them...
Design/Logic Flaw
CVE-2023-32672 Apache Superset: SQL parser edge case bypasses data access authorization
An incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0 allows an authenticated user to query tables they do not have access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability...
InstaWP Connect < 0.0.9.19 - Unauthenticated Data Modification
Description: The plugin does not have an authorisation check in its eventsreceiver function, allowing unauthenticated users to create/update/delete posts and taxonomy terms, install/activate/deactivate plugins, update customizer settings, and create/update/delete arbitrary users...
Ebook Store < 5.78 - Unauthenticated Sensitive Data Disclosure
The plugin does not have an authorisation check in its ebookstoreexportorders function, allowing unauthenticated users to call it and retrieve order information...
Cross-Site Request Forgery (CSRF)
The WP OAuth Server OAuth Authentication WordPress plugin before 4.3.0 has flawed CSRF and authorisation checks when deleting a client, which could allow any authenticated user, such as a subscriber, to delete arbitrary clients...
WP Meta SEO < 4.5.4 - Subscriber+ Google Analytics Settings Update
The plugin does not have an authorisation check when updating its Google Analytics settings, which could allow any authenticated user, such as a subscriber, to update them...
WP OAuth Server < 4.3.0 - Subscriber+ Arbitrary Client Deletion
The plugin has flawed CSRF and authorisation checks when deleting a client, which could allow any authenticated user, such as a subscriber, to delete arbitrary clients. PoC: Run the command below in the developer console of the web browser while on the blog as any authenticated user, such as...
MainWP Code Snippets Extension < 4.0.3 - Subscriber+ Settings Update
The plugin does not have an authorisation check when updating its settings, which could allow any authenticated user, such as a subscriber, to update them...
CVE-2022-3923
The CVE-2022-3923 issue affects the ActiveCampaign for WooCommerce WordPress plugin prior to version 1.9.8. The vulnerability is a missing authorization check when cleaning up error logs via an AJAX action, permitting any authenticated user (e.g., a subscriber) to invoke the action and remove err...
CVE-2022-4106 Wholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File Download
The Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have an authorisation check, and does not validate the user input used to build a filesystem path, allowing unauthenticated attackers to download arbitrary files from the server...
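Nearly every WordPress entry above is the same bug class: a wp_ajax_* (Subscriber+) or wp_ajax_nopriv_* (unauthenticated) handler that performs a privileged action without first verifying a nonce and a capability. The script below is an added triage example, not code from WPScan or from any plugin listed on this page. It scans a plugin source file for add_action() registrations of AJAX hooks, locates each handler's body, and reports which of the advisories' labels applies. The PHP it scans is a constructed sample with hypothetical names (demo_delete_widget, demo_export_orders, demo_update_settings); the first two handlers show the vulnerable shapes, the third the hardened one.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed PHP sample, not code from any plugin listed above. All names are
# hypothetical. Two handlers have the vulnerable shape, one is hardened.
SAMPLE_PHP = r"""<?php
add_action( 'wp_ajax_demo_delete_widget', 'demo_delete_widget' );
add_action( 'wp_ajax_nopriv_demo_export_orders', 'demo_export_orders' );
add_action( 'wp_ajax_demo_update_settings', 'demo_update_settings' );

function demo_delete_widget() {
    // Subscriber+ shape: any logged-in user reaches wp_ajax_* hooks, and no
    // capability or nonce is verified before the destructive call.
    $id = intval( $_POST['id'] );
    delete_option( 'demo_widget_' . $id );
    wp_send_json_success();
}

function demo_export_orders() {
    // Unauthenticated shape: wp_ajax_nopriv_* needs no session at all.
    echo wp_json_encode( get_option( 'demo_orders' ) );
    wp_die();
}

function demo_update_settings() {
    // Hardened: verify the nonce (CSRF), then the capability, then act.
    check_ajax_referer( 'demo_settings', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    update_option( 'demo_settings', sanitize_text_field( $_POST['value'] ) );
    wp_send_json_success();
}
"""

# add_action( 'wp_ajax_[nopriv_]ACTION', 'handler' ) with a plain function name.
ACTION_RE = re.compile(r"add_action\(\s*[\'\"]wp_ajax_(nopriv_)?(\w+)[\'\"]\s*,\s*[\'\"](\w+)[\'\"]")
CAP_RE = re.compile(r"\bcurrent_user_can\s*\(")
NONCE_RE = re.compile(r"\b(?:check_ajax_referer|check_admin_referer|wp_verify_nonce)\s*\(")


@dataclass
class Finding:
    action: str
    handler: str
    unauthenticated: bool       # registered on wp_ajax_nopriv_*
    has_capability_check: bool
    has_nonce_check: bool
    resolved: bool = True       # False when the handler body was not found

    @property
    def label(self) -> str:
        """Map the checks found to the wording used in the advisories above."""
        if not self.resolved:
            return "unresolved"
        if self.has_capability_check and self.has_nonce_check:
            return "ok"
        if not self.has_capability_check:
            return "Unauthenticated" if self.unauthenticated else "Subscriber+"
        return "CSRF"           # capability enforced, but no nonce on a state change


def function_body(src: str, name: str) -> Optional[str]:
    """Return the {...} body of a top-level PHP function by counting braces.

    Naive by design: a brace inside a string or comment skews the count and the
    handler is then reported as unresolved rather than silently dropped."""
    m = re.search(r"function\s+" + re.escape(name) + r"\s*\([^)]*\)\s*\{", src)
    if m is None:
        return None
    depth, start = 0, m.end() - 1
    for idx in range(start, len(src)):
        if src[idx] == "{":
            depth += 1
        elif src[idx] == "}":
            depth -= 1
            if depth == 0:
                return src[start:idx + 1]
    return None


def audit(src: str) -> List[Finding]:
    """One Finding per wp_ajax_* registration found in src."""
    findings = []
    for nopriv, action, handler in ACTION_RE.findall(src):
        body = function_body(src, handler)
        if body is None:
            findings.append(Finding(action, handler, bool(nopriv), False, False, resolved=False))
            continue
        findings.append(Finding(action, handler, bool(nopriv),
                                CAP_RE.search(body) is not None,
                                NONCE_RE.search(body) is not None))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_PHP):
        hook = "wp_ajax_" + ("nopriv_" if f.unauthenticated else "") + f.action
        print(f"{f.label:15} {hook} -> {f.handler}()")
```

This is a first pass, not a verdict. It only sees callbacks given as a bare function name (class-method callbacks such as array( $this, 'method' ), REST routes with a permissive permission_callback, and admin_post_* hooks need separate handling), and a present current_user_can() call proves nothing about the capability chosen or about object ownership: the WooCommerce review-deletion entry above is exactly a case where the caller is authenticated but the object being deleted is not theirs, which no grep-level check will catch. Every "Subscriber+" or "Unauthenticated" hit still has to be confirmed by reading what the handler does with attacker-controlled parameters.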