3 matches found
CVE-2020-36838
The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wpajaxupdateoptions function in versions up to, and including, 1.5. This flaw makes it possible for low-level authenticated attackers to connect their own Facebook Messenger accou...
CVE-2020-36838 Facebook Chat Plugin <= 1.5 - Missing Capabilities Check
The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wpajaxupdateoptions function in versions up to, and including, 1.5. This flaw makes it possible for low-level authenticated attackers to connect their own Facebook Messenger accou...
CVE-2020-36838
The CVE-2020-36838 entry concerns the Facebook Chat Plugin for WordPress (versions up to and including 1.5). The root cause is an authorization bypass caused by a missing capability check in the wp_ajax_update_options function, enabling low‑level authenticated attackers to connect their own Faceb...