Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:0 a.m.14 views

CVE-2022-4385

The Intuitive Custom Post Order WordPress plugin before 3.1.4 does not check for authorization in the update-menu-order ajax action, allowing any logged in user with roles as low as Subscriber to update the menu order...

4.3CVSS6.7AI score0.00486EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/21 8:50 a.m.4 views

CVE-2022-4385 Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update

The Intuitive Custom Post Order WordPress plugin before 3.1.4 does not check for authorization in the update-menu-order ajax action, allowing any logged in user with roles as low as Subscriber to update the menu order...

6.7AI score0.00486EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/21 8:50 a.m.49 views

CVE-2022-4385 Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update

The Intuitive Custom Post Order WordPress plugin before 3.1.4 does not check for authorization in the update-menu-order ajax action, allowing any logged in user with roles as low as Subscriber to update the menu order...

5.9AI score0.00486EPSS
Exploits2References1
CVE
CVE
added 2023/02/21 8:50 a.m.57 views

CVE-2022-4385

Summary: The WordPress plugin Intuitive Custom Post Order (

4.3CVSS4.5AI score0.00486EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/01/24 12:0 a.m.22 views

WordPress Intuitive Custom Post Order Plugin <= 3.1.3 is vulnerable to Broken Access Control

Software Intuitive Custom Post Order Type Plugin Vulnerable versions = 3.1.3 Fixed in 3.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4385 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 582d2859794c Credits Yuya Kotake...

4.3CVSS6.4AI score0.00486EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder