4 matches found
CVE-2024-22156
Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...
CVE-2024-22156
CVE-2024-22156 concerns the WordPress SalesKing plugin (SalesKing) up to version 1.6.15. The root cause is Missing Authorization, allowing an unauthenticated user to change plugin settings due to missing capability checks. Affected versions are
CVE-2024-22156 WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Plugin Settings Change vulnerability
Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...
WordPress SalesKing Plugin <= 1.6.15 is vulnerable to Settings Change
Software SalesKing Type Plugin Vulnerable versions = 1.6.15 Fixed in 1.6.30 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-22156 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 22c1687edcfd Credits Dave Jong Patchstack Required...