2 matches found
CVE-2020-36729
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twojslideshowsetup' function called via the wpajaxtwojslideshowsetup AJAX action in versions up to, and including, 1.3.31. This makes it possible for authenticated attackers...
CVE-2020-36729
The CVE-2020-36729 case concerns the WordPress plugin 2J-SlideShow, vulnerable up to version 1.3.31 due to a missing capability check in the twoj_slideshow_setup function exposed via the wp_ajax_twoj_slideshow_setup AJAX action. This results in an authorization bypass where authenticated users (S...