Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:34 a.m.9 views

CVE-2024-12259

The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.8120. This is due to the plugin not properly validating a user's identity prior to updating their email through the wcupdateuserdata AJAX...

8.8CVSS9.6AI score0.005EPSS
Exploits0References1
NVD
NVD
added 2024/12/18 4:15 a.m.19 views

CVE-2024-12259

The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.8120. This is due to the plugin not properly validating a user's identity prior to updating their email through the wcupdateuserdata AJAX...

8.8CVSS0.005EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/18 3:22 a.m.20 views

CVE-2024-12259 CRM WordPress Plugin – RepairBuddy <= 3.8120 - Missing Authorization to Account Takeover/Privilege Escalation

The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.8120. This is due to the plugin not properly validating a user's identity prior to updating their email through the wcupdateuserdata AJAX...

8.8CVSS0.005EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/18 3:22 a.m.10 views

CVE-2024-12259 CRM WordPress Plugin – RepairBuddy <= 3.8120 - Missing Authorization to Account Takeover/Privilege Escalation

The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.8120. This is due to the plugin not properly validating a user's identity prior to updating their email through the wcupdateuserdata AJAX...

8.8CVSS7.2AI score0.005EPSS
Exploits0References4
Rows per page
Query Builder