90 matches found
Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...
WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...
CVE-2024-6138
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-6138
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
WordPress Secure Copy Content Protection and Content Locking Plugin < 4.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions 4.0.9 Fixed in 4.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6138 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 386e7454f8d8...
PT-2024-37413 · WordPress · Secure Copy Content Protection/Content Locking
Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.0.9 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html...
WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
CVE-2024-32787 WordPress Secure Copy Content Protection and Content Locking plugin <= 3.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.7.1...
CVE-2024-32787
CVE-2024-32787 is a Missing Authorization vulnerability reported for the WordPress plugin Secure Copy Content Protection and Content Locking, affecting versions up to 3.7.1 (from n/a through 3.7.1). The initial description notes no exploitation details or mitigation. CVSSv3.1 data (source audit@p...
WordPress plugin Secure Copy Content Protection and Content Locking 3.7.1 and security vulnerabilities
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wordPress plugin is an application plugin. A security vulnerability exists in the...
CVE-2024-33587
Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.9.0...
WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
PT-2024-25355 · Unknown · Secure Copy Content Protection/Content Locking
Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking versions 3.9.0 and earlier Description: A Missing Authorization issue has been identified, affecting Secure Copy Content Protection and Content Locking. The issue allows for potential...
WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 3.9.0...
WordPress Secure Copy Content Protection and Content Locking plugin <= 3.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 3.7.1...
GHSA-FJ9V-G8FW-VXMF Improper Privilege Management in craftercms
A logged-in and authenticated user with a Reviewer Role may lock a content item...
Improper Privilege Management in craftercms
A logged-in and authenticated user with a Reviewer Role may lock a content item...
CVE-2021-23265
Technical details about CVE-2021-23265 are not publicly provided in the supplied documents. The materials confirm a privilege-related issue in Crafter CMS allowing a Reviewer to lock content, but no specifics on affected versions or fix are included. Monitor for updates.
Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi
Secure Copy Content Protection and Content Locking, a WordPress plugin, prior to 2.8.2 is affected by an unauthenticated SQL injection via the sccpid parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from thewpusers table of the affected WordPress...