3 matches found
CVE-2024-1093
The Change Memory Limit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adminlogic function hooked via admininit in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update the memory...
CVE-2024-1093
CVE-2024-1093 affects the WordPress plugin Change Memory Limit. The vulnerability arises from a missing capability check in admin_logic() hooked via admin_init, allowing unauthenticated attackers to modify the memory limit on all versions up to 1.0. Public sources describe the issue as an unautho...
WordPress Change Memory Limit Plugin <= 1.0 is vulnerable to Broken Access Control
Software Change Memory Limit Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1093 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ddfd765b5284 Credits Francesco Carlucci Required...