2 matches found
CVE-2024-1637
The CVE-2024-1637 entry concerns the 360 Javascript Viewer WordPress plugin. Affected versions are all versions up to and including 1.7.12, where an unauthorized modification of data is possible due to a missing capability check and nonce exposure on multiple AJAX actions. The vulnerability can b...
WordPress 360 Javascript Viewer Plugin <= 1.7.12 is vulnerable to Broken Access Control
Software 360 Javascript Viewer Type Plugin Vulnerable versions = 1.7.12 Fixed in 1.7.13 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1637 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bcec8398ba12 Credits Lucio Sá Required...