2 matches found
CVE-2024-1733 Word Replacer Pro <= 1.0 - Missing Authorization to Unauthenticated Arbitrary Content Update
The Word Replacer Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wordreplacerultra function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update arbitrary content on the...
CVE-2024-1733
CVE-2024-1733 exists in Word Replacer Pro for WordPress (all versions up to 1.0). A missing capability check in word_replacer_ultra() permits unauthenticated attackers to modify arbitrary content on the site. Public details from Red Hat and Wordfence corroborate unauthorized content modification ...