2 matches found
CVE-2024-4010 Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleajaxrequest function in all versions up to, and including, 5.7.19. This makes it possible for...
WordPress Email Subscribers & Newsletters Plugin <= 5.7.19 is vulnerable to Broken Access Control
Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.19 Fixed in 5.7.20 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4010 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID cfe3d5ec0618 Credits Arkadiusz...