Lucene search
K

4 matches found

CVE
CVE
added 2024/05/24 5:30 a.m.58 views

CVE-2024-0867

CVE-2024-0867 – Email Log (WordPress) vulnerability : Unauthenticated Hook Injection in all versions up to 2.4.8 via check_nonce. An attacker can execute actions with hooks without authentication under conditions where a nonce check is present and a nonce is known, and where there is no capabilit...

8.1CVSS8.2AI score0.00824EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/24 5:30 a.m.9 views

CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection

The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...

8.1CVSS8.2AI score0.00824EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/24 5:30 a.m.27 views

CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection

The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...

8.1CVSS8.2AI score0.00824EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/24 12:0 a.m.12 views

WordPress Email Log Plugin <= 2.4.8 is vulnerable to Other Vulnerability Type

Software Email Log Type Plugin Vulnerable versions = 2.4.8 Fixed in 2.4.9 OWASP Top 10 A3: Injection Classification Other Vulnerability Type CVE CVE-2024-0867 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 7750b3ba7ece Credits Sean Murphy Required privilege...

8.1CVSS6.8AI score0.00824EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder