4 matches found
CVE-2024-6155
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated Subscriber+ Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in the greenshiftdownloadfilelocaly function...
CVE-2024-6155
creationtimestamp| type| source ---|---|--- 2025-01-09 11:16:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfckibh7ou2m 2025-01-09 12:14:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/927 2025-01-09 12:44:37+00:00| seen| https://t.me/cvedetector/14828...
CVE-2024-6155
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated Subscriber+ Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in the greenshiftdownloadfilelocaly function...
CVE-2024-6155 Greenshift – animation and page builder blocks <= 9.0.0 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery and Stored Cross-Site Scripting
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated Subscriber+ Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in the greenshiftdownloadfilelocaly function...