2 matches found
CVE-2024-7429 Zotpress <= 7.3.12 - Missing Authorization
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ZotpressprocessaccountsAJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress Zotpress Plugin <= 7.3.12 is vulnerable to Broken Access Control
Software Zotpress Type Plugin Vulnerable versions = 7.3.12 Fixed in 7.3.13 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7429 Patch priority Low CVSS severity Low 5.4 Developer Katie Seaborn PSID 211b01447936 Credits Rafshanzani Suhada Required privilege...