2 matches found
CVE-2024-3233
CVE-2024-3233 affects the Ivory Search – WordPress Search Plugin. It lacks a capability check in ajax_create_index(), allowing authenticated users with subscriber-level access and above to trigger index creation and potentially modify data in all versions up to 5.5.5. The initial description stat...
WordPress Ivory Search Plugin <= 5.5.5 is vulnerable to Broken Access Control
Software Ivory Search Type Plugin Vulnerable versions = 5.5.5 Fixed in 5.5.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3233 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5ff3a7d3e493 Credits Thura Moe Myint mgthuramoemyint...