Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/02/05 10:36 a.m.18 views

CVE-2024-12822

The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the addcaptoimg function in all versions up to, and including, 3.11.0. This makes it possible for unauthenticated...

9.8CVSS9.7AI score0.00557EPSS
Exploits0References1
nvd
nvd
added 2025/01/30 2:15 p.m.31 views

CVE-2024-12822

The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the addcaptoimg function in all versions up to, and including, 3.11.0. This makes it possible for unauthenticated...

9.8CVSS0.00557EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/01/30 1:42 p.m.12 views

CVE-2024-12822 Media Manager for UserPro <= 3.12.0 - Missing Authorization to Unauthenticated Arbitrary Options Update

The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the addcaptoimg function in all versions up to, and including, 3.11.0. This makes it possible for unauthenticated...

9.8CVSS9.6AI score0.00557EPSS
Exploits0References2
cve
cve
added 2025/01/30 1:42 p.m.62 views

CVE-2024-12822

The CVE-2024-12822 entry affects the WordPress plugin Media Manager for UserPro. A missing capability check in add_capto_img() enables unauthorized modification of data, allowing unauthenticated attackers to update arbitrary WordPress options and potentially raise the default registration role to...

9.8CVSS9.7AI score0.00557EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder