Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/02 8:27 a.m.12 views

CVE-2024-13716

The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsettingscallback function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS7.2AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2025/02/28 8:23 a.m.58 views

CVE-2024-13716

The CVE relates to the WordPress Forex Calculators plugin. Multiple sources confirm a missing capability check in the ajax_settings_callback() path, enabling authenticated attackers with Subscriber-level access and above to modify plugin settings. Affected versions are up to 1.3.5 (per CVE detail...

4.3CVSS7.3AI score0.00297EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/28 8:23 a.m.8 views

CVE-2024-13716 Forex Calculators <= 1.3.7 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsettingscallback function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS7.2AI score0.00297EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/28 8:23 a.m.16 views

CVE-2024-13716 Forex Calculators <= 1.3.7 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxsettingscallback function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00297EPSS
Exploits0References3
Rows per page
Query Builder