4 matches found
CVE-2024-13368
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the youzifyofferbanner function in all versions up to, and including, 1.3.4. This makes it possible for...
CVE-2024-13368
creationtimestamp| type| source ---|---|--- 2025-01-25 07:58:40+00:00| seen| https://infosec.exchange/users/cve/statuses/113887931264398586 2025-01-25 08:05:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3060 2025-01-25 10:28:51+00:00| seen|...
CVE-2024-13368
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress (Youzify) suffers a missing capability check in the youzify_offer_banner() function. All versions up to and including 1.3.2 are affected, enabling authenticated attackers with Subscriber-level acces...
CVE-2024-13368 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the youzifyofferbanner function in all versions up to, and including, 1.3.4. This makes it possible for...