5 matches found
CVE-2024-37468
Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1...
CVE-2024-37468
Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1...
CVE-2024-37468 WordPress Newsmatic theme <= 1.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1...
CVE-2024-37468
CVE-2024-37468 is a Missing Authorization vulnerability in the Blazethemes Newsmatic WordPress theme (affected 1.3.1 and earlier). According to Red Hat and PT Security sources, the issue arises from incorrectly configured access control, enabling unauthorized access to restricted actions. CVSS v3...
WordPress Newsmatic Theme <= 1.3.1 is vulnerable to Broken Access Control
Software Newsmatic Type Theme Vulnerable versions = 1.3.1 Fixed in 1.3.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37468 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5a6c88e4d8e5 Credits Dhabaleshwar Das Required privilege...