Lucene search
K

4 matches found

NVD
NVD
added 2023/03/27 4:15 p.m.11 views

CVE-2023-0441

The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...

8.1CVSS7.9AI score0.00731EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/03/27 3:37 p.m.10 views

CVE-2023-0441 Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update

The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...

8AI score0.00731EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/03/27 3:37 p.m.20 views

CVE-2023-0441 Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update

The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...

8.1AI score0.00731EPSS
Exploits2References1
CVE
CVE
added 2023/03/27 3:37 p.m.76 views

CVE-2023-0441

The CVE-2023-0441 entry concerns the Gallery Blocks with Lightbox WordPress plugin prior to 3.0.8. An AJAX endpoint is accessible to any authenticated user (e.g., subscriber); the callback can perform actions including reading/updating WordPress options, potentially enabling registration with a d...

8.1CVSS7.9AI score0.00731EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder