5 matches found
CVE-2024-13231
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addvideo' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitra...
CVE-2024-13231
creationtimestamp| type| source ---|---|--- 2025-02-19 09:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lijgtfps3m2t 2025-02-19 12:01:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lijq3wut2p2v 2025-02-19 12:03:10+00:00| seen|...
CVE-2024-13231
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addvideo' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitra...
CVE-2024-13231 WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Missing Authorization to Unauthenticated Portfolio Update
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addvideo' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitra...
CVE-2024-13231
CVE-2024-13231 : The WordPress Portfolio Builder – Portfolio Gallery plugin has a vulnerability in all versions up to 1.1.7 due to a missing capability check in the add_video function, enabling an unauthenticated attacker to modify data by adding arbitrary videos to any portfolio gallery. This is...