3 matches found
CVE-2024-3748 SP Project & Document Manager <= 4.71 - Data Update via IDOR
The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the userid to make it appear that a file was uploaded by another user...
CVE-2024-3748 SP Project & Document Manager <= 4.71 - Data Update via IDOR
The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the userid to make it appear that a file was uploaded by another user...
WordPress SP Project & Document Manager Plugin <= 4.71 is vulnerable to Insecure Direct Object References (IDOR)
Software SP Project & Document Manager Type Plugin Vulnerable versions = 4.71 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-3748 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 1c7d92437a35 Credits...