3 matches found
WordPress Simple Photoswipe Plugin <= 0.1 is vulnerable to Settings Change
Software Simple Photoswipe Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-5570 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 461ac97ab0b1 Credits Felipe Caon Required privilege...
CVE-2024-5570
The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them...
CVE-2024-5570 Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update
The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them...