3 matches found
CVE-2024-43962
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
CVE-2024-43962
CVE-2024-43962: WordPress LWS Affiliation plugin (versions ≤ 2.3.4) has a Missing/Incorrect Authorization vulnerability due to broken access control. This could allow an attacker with network access to bypass authorization checks and perform unauthorized actions on the affected plugin. The provid...
WordPress LWS Affiliation Plugin <= 2.3.4 is vulnerable to Broken Access Control
Software LWS Affiliation Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43962 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID a2763521797a Credits Fariq Fadillah Gusti Insani...