6 matches found
EUVD-2024-50675
Malicious code in bioql PyPI...
CVE-2024-12202
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusicajax' function in all versions up to, and including, 3.6. This makes it possible for authenticated attackers, with...
WordPress Croma Music plugin <= 3.6 - Authenticated (Subscriber+) Arbitrary Options Update in ironMusic_ajax vulnerability
Authenticated Subscriber+ Arbitrary Options Update in ironMusicajax vulnerability discovered by Tonn in WordPress Plugin Croma Music versions = 3.6...
CVE-2024-12202
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusicajax' function in all versions up to, and including, 3.6. This makes it possible for authenticated attackers, with...
CVE-2024-12202 Croma Music <= 3.6 - Authenticated (Subscriber+) Arbitrary Options Update in ironMusic_ajax
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusicajax' function in all versions up to, and including, 3.6. This makes it possible for authenticated attackers, with...
CVE-2024-12202
CVE-2024-12202 affects the Croma Music plugin for WordPress (