3 matches found
CVE-2024-0829
Technical details about CVE-2024-0829 are not publicly provided in the connected documents. The initial description notes missing authorization in a WordPress plugin (up to version 5.0) but provides no further vendor/product/version specifics. Monitor for updates.
CVE-2024-0829 Comments Extra Fields For Post,Pages and CPT <= 5.0 - Missing Authorization
The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.0. This is due to missing or incorrect capability checks on several ajax actions. This makes it possible for authenticated attackers, with subscribe...
WordPress WordPress Comments Fields Plugin <= 5.0 is vulnerable to Broken Access Control
Software WordPress Comments Fields Type Plugin Vulnerable versions = 5.0 Fixed in 5.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0829 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cdb4c1c8e480 Credits Francesco Carlucci...