2 matches found
CVE-2024-8199 Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update
The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updateapikey' function in all versions up to, and including, 1.1.2. This make...
WordPress Reviews Feed Plugin <= 1.1.2 is vulnerable to Broken Access Control
Software Reviews Feed Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8199 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID eb3754a5f963 Credits Sajjad Ahmad jacksparrow Required...