5 matches found
CVE-2024-10795
creationtimestamp| type| source ---|---|--- 2024-11-16 02:30:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113490280871334702 2024-11-16 05:12:11+00:00| seen| https://t.me/cvedetector/11203...
CVE-2024-10795 Popularis Extra <= 1.2.7 - Authenticated (Contributor+) Post Disclosure
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.7 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10795 Popularis Extra <= 1.2.7 - Authenticated (Contributor+) Post Disclosure
The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.7 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10795
CVE-2024-10795 affects the WordPress plugin Popularis Extra (versions
WordPress Popularis Extra Plugin <= 1.2.7 is vulnerable to Broken Access Control
Software Popularis Extra Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10795 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 00ba4d7504ea Credits Francesc...