Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/07/22 12:0 a.m.14 views

WordPress Getwid – Gutenberg Blocks Plugin <= 2.0.10 is vulnerable to Broken Access Control

Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 2.0.10 Fixed in 2.0.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6491 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 17de91b96aed Credits Peter Thaleikis...

4.3CVSS6.6AI score0.00378EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/07/20 7:15 a.m.42 views

CVE-2024-6491

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimpapikeymanage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/20 6:43 a.m.43 views

CVE-2024-6491 Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authentication to MailChimp API key update

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimpapikeymanage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS0.00378EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/20 6:43 a.m.13 views

CVE-2024-6491 Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authentication to MailChimp API key update

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimpapikeymanage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS6.4AI score0.00378EPSS
Exploits0References3
Rows per page
Query Builder