Lucene search
+L

4 matches found

Circl
Circl
added 2025/02/28 9:27 a.m.12 views

CVE-2024-10860

creationtimestamp| type| source ---|---|--- 2025-02-28 09:27:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5849 2025-02-28 13:41:00+00:00| seen| https://t.me/cvedetector/19148 2025-02-28 13:49:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljakcxno732t 2025-03-02...

4.3CVSS7.8AI score0.00248EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/28 9:22 a.m.19 views

CVE-2024-10860 NextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason Submission

The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing capability check on the submituninstallreasonaction function in all versions up to, and including, 2.19.0. This makes it possible for authenticated attackers,...

4.3CVSS0.00248EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/28 9:22 a.m.10 views

CVE-2024-10860 NextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason Submission

The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing capability check on the submituninstallreasonaction function in all versions up to, and including, 2.19.0. This makes it possible for authenticated attackers,...

4.3CVSS4.3AI score0.00248EPSS
Exploits0References2
CVE
CVE
added 2025/02/28 9:22 a.m.123 views

CVE-2024-10860

CVE-2024-10860 affects the WordPress plugin “NextMove Lite – Thank You Page for WooCommerce.” The vulnerability is a missing capability check in the _submit_uninstall_reason_action() function, present in all versions up to 2.19.0. This allows authenticated attackers with Subscriber-level access a...

4.3CVSS4.3AI score0.00248EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder