4 matches found
CVE-2024-12129
The Royal Core plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'royalrestorebackup' function in all versions up to, and including, 2.9.2. This makes it possible for authenticated attackers, with...
CVE-2024-12129
creationtimestamp| type| source ---|---|--- 2025-01-30 14:01:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113917671374380676 2025-01-30 14:16:29+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxodbpgli2t 2025-01-30 16:50:57+00:00| seen|...
CVE-2024-12129 Royal Core <= 2.9.2 - Authenticated (Subscriber+) Arbitrary Options Update
The Royal Core plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'royalrestorebackup' function in all versions up to, and including, 2.9.2. This makes it possible for authenticated attackers, with...
CVE-2024-12129 Royal Core <= 2.9.2 - Authenticated (Subscriber+) Arbitrary Options Update
The Royal Core plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'royalrestorebackup' function in all versions up to, and including, 2.9.2. This makes it possible for authenticated attackers, with...