5 matches found
CVE-2024-12155
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...
CVE-2024-12155
creationtimestamp| type| source ---|---|--- 2024-12-06 09:51:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113605258904859384 2024-12-06 10:35:50+00:00| seen| https://t.me/cvedetector/12178 2024-12-06 13:05:28+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9329...
CVE-2024-12155
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...
CVE-2024-12155
CVE-2024-12155 affects the SV100 Companion plugin for WordPress and stems from a missing capability check in the settings_import() function. This vulnerability exists in all versions up to and including 2.0.02, allowing unauthenticated attackers to modify arbitrary options on a WordPress site. Th...
CVE-2024-12155 SV100 Companion <= 2.0.02 - Missing Authorization to Unuathenticated Arbitrary Options Update
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settingsimport function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to...