Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:25 a.m.9 views

CVE-2023-4938

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsapplydefaultcombination function. This makes it possible for authenticated attackers subscriber or higher to manipulate...

4.3CVSS6.4AI score0.00431EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/18 7:31 a.m.10 views

CVE-2023-4938 BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsapplydefaultcombination function. This makes it possible for authenticated attackers subscriber or higher to manipulate...

4.3CVSS6.5AI score0.00431EPSS
Exploits0References3
CVE
CVE
added 2023/10/18 7:31 a.m.67 views

CVE-2023-4938

CVE-2023-4938 concerns the BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin for WordPress. Affected versions are up to and including 1.1.3.3, due to a missing capability check in the function woobe_bulkoperations_apply_default_combination, enabling authenticated users w...

4.3CVSS4.3AI score0.00431EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/25 12:0 a.m.20 views

WordPress BEAR Plugin <= 1.1.3.3 is vulnerable to Broken Access Control

Software BEAR Type Plugin Vulnerable versions = 1.1.3.3 Fixed in 1.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4938 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 611080b0d2da Credits Marco Wotschka Required privilege...

4.3CVSS6.8AI score0.00431EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder