3 matches found
CVE-2024-13367
creationtimestamp| type| source ---|---|--- 2025-01-17 07:16:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfwarhuj3p2n 2025-01-17 07:17:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113842471654580608 2025-01-17 07:38:54+00:00| seen|...
CVE-2024-13367 Sandbox <= 0.4 - Missing Authorization to Authenticated (Subscriber+) Sandbox Download
The Sandbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the exportdownload action in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to download an entire copy of...
CVE-2024-13367 Sandbox <= 0.4 - Missing Authorization to Authenticated (Subscriber+) Sandbox Download
The Sandbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the exportdownload action in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to download an entire copy of...