10 matches found
CVE-2023-4153
The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3devsavebanusersettingscallback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber,...
EUVD-2023-54033
Malicious code in bioql PyPI...
CVE-2023-4153
The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3devsavebanusersettingscallback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber,...
CVE-2023-4153
The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3devsavebanusersettingscallback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber,...
Design/Logic Flaw
The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3devsavebanusersettingscallback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber,...
CVE-2023-4153
The CVE-2023-4153 entry concerns the BAN Users WordPress plugin (versions
WordPress BAN Users Plugin <= 1.5.3 is vulnerable to Privilege Escalation
Software BAN Users Type Plugin Vulnerable versions = 1.5.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-4153 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID ec1ffb5bed37 Credits Lana Codes...
WordPress plugin BAN Users security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete 1 categories or 2 groups; 3 ban users; or 4 delete users via the admin page...
CVE-2008-6905
Cross-site request forgery CSRF vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete 1 categories or 2 groups; 3 ban users; or 4 delete users via the admin page...