3 matches found
CVE-2024-5449 WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing <= 5.0.4 - Missing Authorization
The WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdmsocialsharesaveoptions function in all versions up to, and...
CVE-2024-5449
CVE-2024-5449 affects the WP Dark Mode – WordPress Dark Mode Plugin for WordPress. A missing capability check in wpdm_social_share_save_options allows authenticated users with Subscriber-level access and above to modify the plugin’s settings, impacting data integrity across all versions up to 5.0...
WordPress WP Dark Mode Plugin <= 5.0.4 is vulnerable to Broken Access Control
Software WP Dark Mode Type Plugin Vulnerable versions = 5.0.4 Fixed in 5.0.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5449 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fcf51369e44e Credits Peter Thaleikis Required privileg...