Lucene search
+L

4 matches found

Circl
Circl
added 2024/02/23 8:26 a.m.8 views

CVE-2024-1778

creationtimestamp| type| source ---|---|--- 2024-02-23 08:26:51+00:00| seen| https://t.me/ctinow/191523 2024-02-23 08:31:41+00:00| seen| https://t.me/ctinow/191528 2024-03-13 17:42:00+00:00| seen| https://t.me/ctinow/206953...

5.3CVSS6.2AI score0.00375EPSS
Exploits0References3
NVD
NVD
added 2024/02/23 7:15 a.m.26 views

CVE-2024-1778

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ztdcfcfchangebookmark function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter...

5.3CVSS4.4AI score0.00375EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/23 6:48 a.m.29 views

CVE-2024-1778 Admin side data storage for Contact Form 7 <= 1.1.1 - Missing Authorization to Unauthenticated Bookmark Status Alteration

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ztdcfcfchangebookmark function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter...

4.3CVSS4.7AI score0.00375EPSS
Exploits0References2
CVE
CVE
added 2024/02/23 6:48 a.m.82 views

CVE-2024-1778

CVE-2024-1778 affects the WordPress plugin “Admin side data storage for Contact Form 7.” The vulnerability is due to a missing capability check in the zt_dcfcf_change_bookmark() function, enabling unauthenticated actors to modify bookmark statuses in all versions up to 1.1.1. Multiple connected s...

5.3CVSS5.3AI score0.00375EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder