3 matches found
CVE-2024-11643
The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'AllAccessiblesavesettings' function in all versions up to, and including, 1.3.4. This makes it possible for...
CVE-2024-11643
creationtimestamp| type| source ---|---|--- 2024-12-04 15:30:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113595269115048742 2024-12-04 17:36:00+00:00| seen| https://t.me/cvedetector/12014 2025-01-06 20:20:20+00:00| seen|...
CVE-2024-11643 Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update
The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'AllAccessiblesavesettings' function in all versions up to, and including, 1.3.4. This makes it possible for...