3 matches found
CVE-2024-1860
CVE-2024-1860 concerns the Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress (antihacker)
CVE-2024-1860 Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.51 - Missing Authorization to Unauthenticated IP Address Whitelist
The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackeraddwhitelist function in all versions up to, and including, 4.51. This makes it...
WordPress Anti Hacker Plugin <= 4.51 is vulnerable to Broken Access Control
Software Anti Hacker Type Plugin Vulnerable versions = 4.51 Fixed in 4.52 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1860 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID bbb1acb1d01e Credits Lucio Sá Required privilege...