Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:59 a.m.5 views

CVE-2024-11353

The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletemessage function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.6AI score0.00304EPSS
Exploits0References1
Circl
Circl
added 2024/12/07 1:59 a.m.5 views

CVE-2024-11353

creationtimestamp| type| source ---|---|--- 2024-12-07 01:59:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113609066930276320 2024-12-07 04:10:54+00:00| seen| https://t.me/cvedetector/12312...

4.3CVSS8.7AI score0.00304EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/07 1:45 a.m.5 views

CVE-2024-11353 SMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion

The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletemessage function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.6AI score0.00304EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/07 1:45 a.m.25 views

CVE-2024-11353 SMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion

The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletemessage function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00304EPSS
Exploits0References3
Rows per page
Query Builder