9 matches found
EUVD-2024-33433
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-10532
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-10532
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-10532 Bard Extra <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-10532 Bard Extra <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bardxtraimportxml function in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
CVE-2024-10532
CVE-2024-10532 affects Bard Extra for WordPress. The vulnerability is due to a missing authorization check in the bardxtra_import_xml() function, allowing authenticated users with subscriber-level access and above to import demo data, enabling unauthorized modification of data. Affected versions ...
WordPress plugin Bard Extra 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Bard Extra plugin <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import vulnerability
Missing Authorization to Authenticated Subscriber+ Demo Import vulnerability discovered by Lucio Sá in WordPress Plugin Bard Extra versions = 1.2.7...
WordPress Bard Extra Plugin <= 1.2.7 is vulnerable to Broken Access Control
Software Bard Extra Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10532 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5aee743e07b2 Credits Lucio Sá Required privilege...