5 matches found
CVE-2024-25908
Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2...
CVE-2024-25908
Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2...
CVE-2024-25908 WordPress WP Media folder plugin <= 5.7.2 - Subscriber+ Arbitrary Post/Page Modification vulnerability
Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2...
CVE-2024-25908
CVE-2024-25908 affects the WordPress plugin WP Media Folder (JoomUnited) up to version 5.7.2. The root cause is missing authorization validation, enabling unauthenticated or subscriber-level users to modify post/page titles and excerpts. Public sources in connected data confirm the vulnerability ...
WordPress WP Media folder Plugin <= 5.7.2 is vulnerable to Settings Change
Software WP Media folder Type Plugin Vulnerable versions = 5.7.2 Fixed in 5.7.3 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-25908 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 54ad5de45957 Credits Dave Jong Patchstack Required...