2 matches found
CVE-2024-8102
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the modulealltoggleajax function in all versions up to, and including, 3.0.8. This makes it possible...
WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.8 is vulnerable to Broken Access Control
Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-8102 Patch priority High CVSS severity High 8.8 Developer WP Extended PSID 8ad5ce4a5ed9 Credits Mar...