Lucene search
K

4 matches found

CVE
CVE
added 2023/06/09 5:33 a.m.53 views

CVE-2023-0993

The issue concerns The Shield Security plugin for WordPress. The connected documents confirm a vulnerability in the plugin where Missing Authorization on the theme-plugin-file AJAX action affects versions up to and including 17.0.17, enabling authenticated attackers to add arbitrary audit log ent...

4.3CVSS5AI score0.0055EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.15 views

CVE-2023-0993 Shield Security <= 17.0.17 - Missing Authorization

The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and including, 17.0.17. This allows authenticated attackers to add arbitrary audit log entries indicating that a theme or plugin has been edited, and is also a...

4.3CVSS6.6AI score0.0055EPSS
Exploits2References4
Packet Storm
Packet Storm
added 2023/04/25 12:0 a.m.316 views

WordPress Shield Security 17.0.17 Cross Site Scripting / Missing Authorization

Affected Plugin: Shield Security – Smart Bot Blocking & Intrusion Prevention Plugin Slug: wp-simple-firewall Affected Versions: = 17.0.17 CVE ID: CVE-2023-0992 CVSS Score: 7.2 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N Researcher/s: Ramuel Gall Fully Patched Version: 17.0.18 T...

6.3AI score0.93046EPSS
Exploits2
Patchstack
Patchstack
added 2023/04/25 12:0 a.m.14 views

WordPress Shield Security Plugin <= 17.0.17 is vulnerable to Broken Access Control

Software Shield Security Type Plugin Vulnerable versions = 17.0.17 Fixed in 17.0.18 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0993 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID a6f498e522a5 Credits Ramuel Gall Required...

4.3CVSS6.8AI score0.0055EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder