3 matches found
CVE-2024-3915 Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update
The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sfeditdirectoryitem function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary posts with...
CVE-2024-3915 Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update
The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sfeditdirectoryitem function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary posts with...
WordPress Swift Framework Plugin <= 2.7.31 is vulnerable to Broken Access Control
Software Swift Framework Type Plugin Vulnerable versions = 2.7.31 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3915 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f340f37317d4 Credits Francesco Carlucci Required...