8 matches found
CVE-2024-10778
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticat...
CVE-2024-10778
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticat...
CVE-2024-10778 BuddyPress Builder for Elementor – BuddyBuilder <= 1.7.4 - Authenticated (Contributor+) Post Disclosure
The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticat...
CVE-2024-10778
CVE-2024-10778 : BuddyPress Builder for Elementor – BuddyBuilder (WordPress plugin) is vulnerable to information exposure in all versions up to 1.7.4 via the shortCode “elementor-template.” The issue arises from insufficient restrictions on which posts can be included, allowing authenticated atta...
WordPress plugin BuddyBuilder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress BuddyPress Builder for Elementor – BuddyBuilder plugin <= 1.7.4 - Authenticated (Contributor+) Post Disclosure vulnerability
Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin BuddyPress Builder for Elementor – BuddyBuilder versions = 1.7.4...
WordPress BuddyPress Builder for Elementor – BuddyBuilder Plugin < 1.7.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software BuddyPress Builder for Elementor – BuddyBuilder Type Plugin Vulnerable versions 1.7.4 Fixed in 1.7.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer StaxWP PSID 0a1c78853d94 Credits WordFence...
WordPress BuddyPress Builder for Elementor – BuddyBuilder Plugin <= 1.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software BuddyPress Builder for Elementor – BuddyBuilder Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer StaxWP PSID 8a84cf645ad6...