Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:26 a.m.7 views

CVE-2024-12155

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...

9.8CVSS7.3AI score0.01197EPSS
Exploits0References1
Circl
Circl
added 2024/12/06 9:51 a.m.10 views

CVE-2024-12155

creationtimestamp| type| source ---|---|--- 2024-12-06 09:51:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113605258904859384 2024-12-06 10:35:50+00:00| seen| https://t.me/cvedetector/12178 2024-12-06 13:05:28+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9329...

9.8CVSS8.7AI score0.01197EPSS
Exploits0References3
NVD
NVD
added 2024/12/06 9:15 a.m.19 views

CVE-2024-12155

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...

9.8CVSS0.01197EPSS
Exploits0References2
CVE
CVE
added 2024/12/06 8:24 a.m.57 views

CVE-2024-12155

CVE-2024-12155 affects the SV100 Companion plugin for WordPress and stems from a missing capability check in the settings_import() function. This vulnerability exists in all versions up to and including 2.0.02, allowing unauthenticated attackers to modify arbitrary options on a WordPress site. Th...

9.8CVSS7.3AI score0.01197EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/06 8:24 a.m.7 views

CVE-2024-12155 SV100 Companion <= 2.0.02 - Missing Authorization to Unuathenticated Arbitrary Options Update

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...

9.8CVSS7.4AI score0.01197EPSS
Exploits0References2
Rows per page
Query Builder