5 matches found
CVE-2024-1177
The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update th...
WordPress WP Club Manager Plugin <= 2.2.10 is vulnerable to Broken Access Control
Software WP Club Manager Type Plugin Vulnerable versions = 2.2.10 Fixed in 2.2.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1177 Patch priority Low CVSS severity Low 5.3 Developer WP Club Manager PSID 6e13e5e19043 Credits Francesco Carlucci Required...
CVE-2024-1177
The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update th...
CVE-2024-1177
The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update th...
CVE-2024-1177
CVE-2024-1177 concerns the WP Club Manager WordPress plugin. Multiple connected sources confirm a missing capability check in settings_save() across versions up to and including 2.2.10, causing unauthorized modification of data by unauthenticated users and allowing updates to the clubs permalink ...