3 matches found
CVE-2024-0866
The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The acti...
CVE-2024-0866 Check & Log Email <= 1.0.9 - Unauthenticated Hook Injection
The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The acti...
WordPress Check & Log Email Plugin <= 1.0.9 is vulnerable to Broken Access Control
Software Check & Log Email Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.0.10 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0866 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 0ac766d27e85 Credits Sean Murphy Required...