2 matches found
CVE-2024-5654 CF7 Google Sheets Connector <= 5.0.9 - Missing Authorization to Limited Site Configuration Update
The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'executepostdatacg7free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site...
WordPress CF7 Google Sheets Connector Plugin <= 5.0.9 is vulnerable to Broken Access Control
Software CF7 Google Sheets Connector Type Plugin Vulnerable versions = 5.0.9 Fixed in 5.0.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5654 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 90b82cd51794 Credits 1337Wannabe...