5 matches found
CVE-2024-11334
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportarregistros function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data...
CVE-2024-11334
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportarregistros function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data...
CVE-2024-11334
creationtimestamp| type| source ---|---|--- 2024-11-21 05:55:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113519397561361399...
CVE-2024-11334 My Contador lesr <= 2.0 - Missing Authorization to Unauthenticated User Registration CSV Export
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportarregistros function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data...
WordPress My Contador lesr Plugin <= 2.0 is vulnerable to Broken Access Control
Software My Contador lesr Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-11334 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2fcca67ced9c Credits SOPROBRO Required privilege...