Lucene search
K

69 matches found

Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.5 views

PT-2024-18417 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue is due to missing or incorrect nonce validation on the categorifyAjaxUpdateFolderPosition function, making it possible for unauthenticated attackers...

4.3CVSS9.3AI score0.00202EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.4 views

PT-2024-18198 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory...

4.3CVSS9.3AI score0.0034EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.7 views

PT-2024-18196 · WordPress · Categorify

Name of the Vulnerable Software and Affected Versions: Categorify plugin for WordPress versions up to, and including, 1.0.7.4 Description: The issue arises from a missing capability check on the categorifyAjaxDeleteCategory function, allowing authenticated attackers with subscriber-level access a...

4.3CVSS9.3AI score0.0034EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxClearCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxClearCategory function. This makes it possible for unauthenticated attackers to clea...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxRenameCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxRenameCategory function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.10 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxDeleteCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder