CVE-2024-9586

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

WordPress plugin Linkz.ai 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Design/Logic Flaw

The checklogout function in class/auth.php in Help Center Live hcl 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to 1...

CVE-2007-4240

Help Center Live (hcl) 2.1.3a contains an authentication bypass in the check_logout function of class/auth.php. When administrative credentials are missing, the function redirects but does not exit, enabling an unauthenticated attacker to trigger actions via requests to admin/departments.php, adm...