3 matches found
CVE-2024-37506
CVE-2024-37506 is a Missing Authorization vulnerability affecting WordPress plugin Charitable (Donation Forms by Charitable) up to version 1.8.1.7. The issue arises from access control that does not properly constrain certain functionality, enabling access to features not protected by ACLs. Publi...
CVE-2024-37506 WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Charitable: from n/a through 1.8.1.7...
WordPress Charitable Plugin <= 1.8.1.7 is vulnerable to Broken Access Control
Software Charitable Type Plugin Vulnerable versions = 1.8.1.7 Fixed in 1.8.1.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37506 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4942d8e7ca80 Credits Manab Jyoti Dowarah Required...