3 matches found
CVE-2024-13423
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...
CVE-2024-13423 Sparkling <= 2.4.9 - Missing Authorization to Unauthenticated Arbitrary Plugin Activation/Deactivation
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...
CVE-2024-13423 Sparkling <= 2.4.9 - Missing Authorization to Unauthenticated Arbitrary Plugin Activation/Deactivation
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...