Lucene search
K

4 matches found

NVD
NVD
added 2024/02/02 6:15 a.m.34 views

CVE-2024-1047

Multiple plugins and/or themes for WordPress with the ThemeIsle SDK are vulnerable to unauthorized modification of data due to a missing capability check on the registerreference function in various versions. This makes it possible for unauthenticated attackers to update options values that allow...

5.3CVSS5.1AI score0.0056EPSS
Exploits0References4
CVE
CVE
added 2024/02/02 5:33 a.m.90 views

CVE-2024-1047

CVE-2024-1047 concerns Orbit Fox by ThemeIsle (WordPress) with a vulnerability in register_reference() causing unauthorized modification of data. The issue exists in all versions up to and including 2.10.28 due to a missing capability check, enabling unauthenticated attackers to update the connec...

5.3CVSS6.7AI score0.0056EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 5:33 a.m.3 views

CVE-2024-1047 ThemeIsle SDK <= Various Versions - Missing Authorization

Multiple plugins and/or themes for WordPress with the ThemeIsle SDK are vulnerable to unauthorized modification of data due to a missing capability check on the registerreference function in various versions. This makes it possible for unauthenticated attackers to update options values that allow...

5.3CVSS6.7AI score0.0056EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/02/02 12:0 a.m.10 views

WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.28 is vulnerable to Broken Access Control

Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.28 Fixed in 2.10.29 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1047 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 50a5c5badf9e Credits Francesco Carlucci...

5.3CVSS6.6AI score0.0056EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder