Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2024/04/25 7:33 a.m.13 views

CVE-2024-3893 Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtclfbgalleryimagedelete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticate...

4.3CVSS6AI score0.00362EPSS
Exploits0References2
CVE
CVE
added 2024/04/25 7:33 a.m.90 views

CVE-2024-3893

CVE-2024-3893 affects the Classified Listing – Classified ads & Business Directory Plugin for WordPress. A missing capability check in the rtcl_fb_gallery_image_delete AJAX action allows authenticated users with subscriber-level access and above to delete arbitrary attachments on all versions up ...

4.3CVSS6.4AI score0.00362EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/25 7:33 a.m.25 views

CVE-2024-3893 Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtclfbgalleryimagedelete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticate...

4.3CVSS5.3AI score0.00362EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.11 views

WordPress Classified Listing Plugin <= 3.0.10.3 is vulnerable to Broken Access Control

Software Classified Listing Type Plugin Vulnerable versions = 3.0.10.3 Fixed in 3.0.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3893 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 79fa3de2925e Credits Lucio Sá Required...

5.3CVSS6.5AI score0.00362EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder