6 matches found
CVE-2024-31244
Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17...
CVE-2024-31244
Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17...
CVE-2024-31244 WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerability
Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17...
CVE-2024-31244 WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerability
Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17...
CVE-2024-31244
CVE-2024-31244 corresponds to a Bricksforge WordPress plugin issue with Missing Authorization in versions n/a–2.0.17. Connected sources describe unauthenticated actions including arbitrary email sending, WordPress settings deletion/update, and other unauthorized settings changes. Affected plugin ...
WordPress Bricksforge Plugin <= 2.0.17 is vulnerable to Settings Change
Software Bricksforge Type Plugin Vulnerable versions = 2.0.17 Fixed in 2.1.1 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-31244 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 14424e64b823 Credits Dave Jong Patchstack Required...