6 matches found
CVE-2024-1110
creationtimestamp| type| source ---|---|--- 2024-02-07 12:21:57+00:00| seen| https://t.me/ctinow/180658 2024-03-01 17:17:17+00:00| seen| https://t.me/ctinow/197804...
CVE-2024-1110
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to import the plugin's settings...
CVE-2024-1110 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Settings Import
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to import the plugin's settings...
CVE-2024-1110 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Settings Import
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to import the plugin's settings...
CVE-2024-1110
The Podlove Podcast Publisher plugin for WordPress (up to and including version 4.0.11) is vulnerable to unauthorized data modification due to a missing capability check on init(). This enables unauthenticated attackers to import or modify the plugin’s settings. The issue is triggered across all ...
WordPress Podlove Podcast Publisher Plugin <= 4.0.11 is vulnerable to Broken Access Control
Software Podlove Podcast Publisher Type Plugin Vulnerable versions = 4.0.11 Fixed in 4.0.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1110 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 51ffbbb85b7f Credits Lucio Sá Required...