Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/06/04 5:32 a.m.26 views

CVE-2024-2019 WP-DB-Table-Editor <= 1.8.4 - Missing Authorization to Authenticated(Contributor+) Database Access

The WP-DB-Table-Editor plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to lack of a default capability requirement on the 'dbterender' function in all versions up to, and including, 1.8.4. This makes it possible for authenticated...

7.5CVSS7.2AI score0.00382EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/04 5:32 a.m.11 views

CVE-2024-2019 WP-DB-Table-Editor <= 1.8.4 - Missing Authorization to Authenticated(Contributor+) Database Access

The WP-DB-Table-Editor plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to lack of a default capability requirement on the 'dbterender' function in all versions up to, and including, 1.8.4. This makes it possible for authenticated...

7.5CVSS6.5AI score0.00382EPSS
Exploits0References2
CVE
CVE
added 2024/06/04 5:32 a.m.23 views

CVE-2024-2019

CVE-2024-2019 affects WP-DB-Table-Editor for WordPress. The Red Hat entry states the vulnerability arises from missing default capability checks on the dbte_render function in all versions up to 1.8.4, enabling authenticated attackers with contributor access and above to modify database tables co...

7.5CVSS7.3AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/04 12:0 a.m.12 views

WordPress WP-DB-Table-Editor Plugin <= 1.8.4 is vulnerable to Broken Access Control

Software WP-DB-Table-Editor Type Plugin Vulnerable versions = 1.8.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2019 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d6649cd980cb Credits Francesco Carlucci Required...

7.5CVSS6.6AI score0.00382EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder