Lucene search
+L

3 matches found

Patchstack
Patchstack
added 2024/04/11 12:0 a.m.13 views

WordPress WP Radio – Worldwide Online Radio Stations Directory for WordPress Plugin <= 3.1.9 is vulnerable to Broken Access Control

Software WP Radio – Worldwide Online Radio Stations Directory for WordPress Type Plugin Vulnerable versions = 3.1.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1042 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership...

6.4CVSS6.5AI score0.00362EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/10 4:30 a.m.33 views

CVE-2024-1042 WP Radio – Worldwide Online Radio Stations Directory for WordPress <= 3.1.9 - Missing Authorization via multiple AJAX actions

The WP Radio – Worldwide Online Radio Stations Directory for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 3.1.9. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00362EPSS
Exploits0References2
CVE
CVE
added 2024/04/10 4:30 a.m.61 views

CVE-2024-1042

CVE-2024-1042 affects the WP Radio plugin for WordPress (versions up to 3.1.9). Description shows unauthorized modification of data via missing capability checks on several AJAX actions, allowing authenticated users with subscriber+ privileges to import stations, remove countries, and alter plugi...

6.4CVSS6AI score0.00362EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder