4 matches found
CVE-2024-6755
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpwautoposterquickdeletemultiple’ function in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to delete...
CVE-2024-6755 Social Auto Poster <= 5.3.14 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpwautoposterquickdeletemultiple’ function in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to delete...
CVE-2024-6755
The CVE-2024-6755 entry concerns the WordPress Social Auto Poster plugin (versions up to and including 5.3.14) suffering from a missing capability check in wpw_auto_poster_quick_delete_multiple, enabling unauthenticated actors to delete arbitrary posts. The connected data corroborates the root ca...
WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Broken Access Control
Software Social Auto Poster Type Plugin Vulnerable versions = 5.3.14 Fixed in 5.3.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6755 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 68ae396383df Credits István Márton...