4 matches found
CVE-2024-0867
CVE-2024-0867 – Email Log (WordPress) vulnerability : Unauthenticated Hook Injection in all versions up to 2.4.8 via check_nonce. An attacker can execute actions with hooks without authentication under conditions where a nonce check is present and a nonce is known, and where there is no capabilit...
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the...
WordPress Email Log Plugin <= 2.4.8 is vulnerable to Other Vulnerability Type
Software Email Log Type Plugin Vulnerable versions = 2.4.8 Fixed in 2.4.9 OWASP Top 10 A3: Injection Classification Other Vulnerability Type CVE CVE-2024-0867 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 7750b3ba7ece Credits Sean Murphy Required privilege...