Lucene search
+L

3 matches found

patchstack
patchstack
added 2024/05/24 12:0 a.m.11 views

WordPress EmbedPress Plugin <= 3.9.12 is vulnerable to Broken Access Control

Software EmbedPress Type Plugin Vulnerable versions = 3.9.12 Fixed in 3.9.13 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1803 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 58b21d9fa99a Credits WordFence Required privilege...

4.3CVSS6.6AI score0.0028EPSS
Exploits0References3Affected Software1
cve
cve
added 2024/05/23 12:43 p.m.90 views

CVE-2024-1803

Summary (CVE-2024-1803) : The WordPress plugin EmbedPress (Embed PDF, Google Docs, Vimeo, Wistia, YouTube, etc.) up to version 3.9.12 is vulnerable to unauthorized access of PDF embed functionality due to insufficient authorization validation on the PDF embed block. Impact, per sources, is that a...

4.3CVSS4.7AI score0.0028EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2024/05/23 12:43 p.m.9 views

CVE-2024-1803 EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of functionality due to insufficient authorization validation on the PDF embed block in all versions ...

4.3CVSS6.5AI score0.0028EPSS
Exploits0References2
Rows per page
Query Builder