2 matches found
CVE-2019-15772
The nd-donations plugin before 1.4 for WordPress has a nopriv AJAX action that allows modification of the siteurl setting...
CVE-2019-15772
The CVE-2019-15772 issue affects the WordPress nd-donations plugin prior to version 1.4. It exposes a nopriv_ AJAX action that allows modification of the siteurl setting. This unauthenticated capability can enable an attacker to alter the site’s URL configuration, depending on the vulnerable envi...