2 matches found
CVE-2024-3936
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtTPGSaveSettings function in all versions up to, and including, 7.6.1. This makes it possible for...
WordPress The Post Grid Plugin <= 7.6.1 is vulnerable to Broken Access Control
Software The Post Grid Type Plugin Vulnerable versions = 7.6.1 Fixed in 7.7.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3936 Patch priority Low CVSS severity Low 4.3 Developer Mamunur Rashid PSID ba4fe441d17b Credits Pavel Palii Required privilege...