8 matches found
WordPress Hotel Listing Plugin < 1.3.7 is vulnerable to Privilege Escalation
Software Hotel Listing Type Plugin Vulnerable versions 1.3.7 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 6e712961c58d Credits Omar Badran Required privilege...
WordPress photographer-directory Plugin < 1.0.9 is vulnerable to Privilege Escalation
Software photographer-directory Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 44093df6ab0d Credits Omar Badran Required...
WordPress fitness-trainer Plugin < 1.4.1 is vulnerable to Privilege Escalation
Software fitness-trainer Type Plugin Vulnerable versions 1.4.1 Fixed in 1.4.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 4ffd920db47c Credits Omar Badran Required privilege...
WordPress institutions-directory Plugin < 1.3.1 is vulnerable to Privilege Escalation
Software institutions-directory Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3f4ecdce4fb1 Credits Omar Badran Required...
WordPress doctor-listing Plugin < 1.3.6 is vulnerable to Privilege Escalation
Software doctor-listing Type Plugin Vulnerable versions 1.3.6 Fixed in 1.3.6 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 30151bcf23e5 Credits Omar Badran Required privilege...
WordPress real-estate-pro Plugin < 1.7.1 is vulnerable to Privilege Escalation
Software real-estate-pro Type Plugin Vulnerable versions 1.7.1 Fixed in 1.7.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID a8f610e7b2fc Credits Omar Badran Required privilege...
WordPress lawyer-directory Plugin < 1.2.9 is vulnerable to Privilege Escalation
Software lawyer-directory Type Plugin Vulnerable versions 1.2.9 Fixed in 1.2.9 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID c69ece2de96a Credits Omar Badran Required privileg...
CVE-2020-36666 Multiple e-plugins - Subscriber+ Privilege Escalation
The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin before 1.0.9, real-estate-pro WordPress plugin before 1.7.1, institutions-directory WordPre...