3 matches found
CVE-2023-4404
CVE-2023-4404: Privilege escalation in Donation Forms by Charitable for WordPress. Vulnerable in Charitable versions up to 1.7.0.12 due to insufficient restriction in update_core_user, allowing unauthenticated attackers to specify their role during registration. Wordfence and Red Hat advisories d...
WordPress Charitable Donations Plugin And Fundraising Platform 1.7.0.12 Privilege Escalation
Description: Donation Forms by Charitable = 1.7.0.12 – Unauthenticated Privilege Escalation Affected Plugin: Charitable – Donations Plugin & Fundraising Platform for WordPress Plugin Slug: charitable Affected Versions: = 1.7.0.12 CVE ID: CVE-2023-4404 CVSS Score: 9.8 Critical CVSS...
WordPress Charitable Plugin <= 1.7.0.12 is vulnerable to Privilege Escalation
Software Charitable Type Plugin Vulnerable versions = 1.7.0.12 Fixed in 1.7.0.13 OWASP Top 10 A3: Injection Classification Privilege Escalation CVE CVE-2023-4404 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 52fac3028e4c Credits István Márton Required privilege...