2 matches found
WordPress Image Watermark Plugin <= 1.7.3 is vulnerable to Broken Access Control
Software Image Watermark Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1994 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 790ca7ba3a40 Credits Lucio Sá Required privilege...
CVE-2024-1994
The Image Watermark plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the watermarkactionajax function in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with subscriber-level access and above...