2 matches found
PT-2025-20647 · Unknown · Dígitro Ngc Explorer
Name of the Vulnerable Software and Affected Versions: Dígitro NGC Explorer version 3.44.15 Description: A problematic issue was found in the Configuration Page component, leading to missing password field masking. This issue can be initiated remotely. The vendor was contacted about this disclosu...
CVE-2021-4360
The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. This makes it possible for attackers to create a new administrator role with unrestricted access...