5 matches found
CVE-2024-5770
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxsavesetting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permission...
CVE-2024-5770
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxsavesetting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permission...
CVE-2024-5770
CVE-2024-5770 concerns the WP Force SSL & HTTPS SSL Redirect WordPress plugin. According to the connected Red Hat advisory, versions up to and including 1.66 are affected by a missing capability check in the ajax_save_setting function, enabling authenticated users with subscriber-level permission...
CVE-2024-5770 WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxsavesetting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permission...
WordPress WP Force SSL & HTTPS SSL Redirect Plugin <= 1.66 is vulnerable to Broken Access Control
Software WP Force SSL & HTTPS SSL Redirect Type Plugin Vulnerable versions = 1.66 Fixed in 1.67 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5770 Patch priority Low CVSS severity Low 4.2 Developer WebFactory Ltd. PSID 7f10441c7ef7 Credits Foxyyy Require...