5 matches found
CVE-2020-36698
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative dashboard. This makes...
WordPress Security & Malware scan by CleanTalk Plugin <= 2.50 is vulnerable to Broken Access Control
Software Security & Malware scan by CleanTalk Type Plugin Vulnerable versions = 2.50 Fixed in 2.51 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36698 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID b7a98366ebf3 Credits Jerome...
CVE-2020-36698 Security & Malware scan by CleanTalk <= 2.50 - Missing Authorization
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative dashboard. This makes...
CVE-2020-36698 Security & Malware scan by CleanTalk <= 2.50 - Missing Authorization
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized user interaction in versions up to, and including, 2.50. This is due to missing capability checks on several AJAX actions and nonce disclosure in the source page of the administrative dashboard. This makes...
CVE-2020-36698
The CVE-2020-36698 entry affects the WordPress plugin Security & Malware scan by CleanTalk, vulnerable in versions up to 2.50 due to missing capability checks on several AJAX actions and nonce disclosure in the admin dashboard source. This allows authenticated attackers with subscriber-level perm...