Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/06/21 2:5 a.m.14 views

CVE-2024-1955 Hide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings Modification

The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warningnoticessettings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor acces...

4.3CVSS6.5AI score0.00343EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/21 2:5 a.m.34 views

CVE-2024-1955 Hide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings Modification

The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warningnoticessettings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor acces...

4.3CVSS0.00343EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.11 views

WordPress Hide Dashboard Notifications Plugin <= 1.3 is vulnerable to Broken Access Control

Software Hide Dashboard Notifications Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1955 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 47605ad93239 Credits Francesco Carlucci...

4.3CVSS6.6AI score0.00343EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder