2 matches found
CVE-2024-3269
The Download Monitor plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on the dlmuninstallplugin function in all versions up to, and including, 4.9.13. This makes it possible for authenticated attackers to uninstall the plugin and delete...
WordPress Download Monitor Plugin <= 4.9.13 is vulnerable to Broken Access Control
Software Download Monitor Type Plugin Vulnerable versions = 4.9.13 Fixed in 4.9.14 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3269 Patch priority Low CVSS severity Low 5.4 Developer WPChill PSID 5b6ee26dd073 Credits Arkadiusz Hydzik Required privilege...