5 matches found
CVE-2024-4355
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the stopbadbotsgetajaxdata function in all versions up to, and including, 10.23. This makes it possible for...
CVE-2024-4355 Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 10.23 - Missing Authorization to Information Expsoure
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the stopbadbotsgetajaxdata function in all versions up to, and including, 10.23. This makes it possible for...
CVE-2024-4355
The CVE-2024-4355 entry concerns the WordPress plugin Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection. The root cause is a missing capability check in the stopbadbots_get_ajax_data() function affecting all versions up to 10.24, enabling authenticated users with subs...
CVE-2024-4355 Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 10.23 - Missing Authorization to Information Expsoure
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the stopbadbotsgetajaxdata function in all versions up to, and including, 10.23. This makes it possible for...
WordPress StopBadBots Plugin <= 10.23 is vulnerable to Broken Access Control
Software StopBadBots Type Plugin Vulnerable versions = 10.23 Fixed in 10.24 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4355 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c1d3c12009e3 Credits Krzysztof Zając Required privilege...