3 matches found
CVE-2024-11936
creationtimestamp| type| source ---|---|--- 2025-01-26 11:16:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113894370004265885 2025-01-26 12:15:53+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgnfpw4ybh2h 2025-01-26 13:06:17+00:00| seen|...
CVE-2024-11936
CVE-2024-11936 (Zox News, WordPress) : The Zox News theme (versions
CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...