4 matches found
CVE-2023-5525
The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the toggleautoupdate AJAX action, allowing any user with a valid nonce to toggle the auto-update status of the plugin...
CVE-2023-5525 Limit Login Attempts Reloaded < 2.25.26 - Admin+ Missing Authorization to Toggle Plugin Auto-Update
The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the toggleautoupdate AJAX action, allowing any user with a valid nonce to toggle the auto-update status of the plugin...
CVE-2023-5525
CVE-2023-5525 affects the Limit Login Attempts Reloaded WordPress plugin prior to 2.25.26. The root cause is missing authorization on the toggle_auto_update AJAX action, allowing any user with a valid nonce to toggle the plugin’s auto-update status. Impact: potential unauthorized control of auto-...
CVE-2023-5525 Limit Login Attempts Reloaded < 2.25.26 - Admin+ Missing Authorization to Toggle Plugin Auto-Update
The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the toggleautoupdate AJAX action, allowing any user with a valid nonce to toggle the auto-update status of the plugin...