Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/09/25 6:49 a.m.11 views

CVE-2024-8290 WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.12 - Insecure Direct Object Reference to Account Takeover/Privilege Escalation

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFMCustomersManageController::processing function due to missing validation...

8.8CVSS8.6AI score0.00603EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/25 6:49 a.m.23 views

CVE-2024-8290 WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.12 - Insecure Direct Object Reference to Account Takeover/Privilege Escalation

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFMCustomersManageController::processing function due to missing validation...

8.8CVSS0.00603EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/25 12:0 a.m.19 views

WordPress WCFM – Frontend Manager for WooCommerce Plugin <= 6.7.12 is vulnerable to Privilege Escalation

Software WCFM – Frontend Manager for WooCommerce Type Plugin Vulnerable versions = 6.7.12 Fixed in 6.7.13 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8290 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID...

8.8CVSS6.6AI score0.00603EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder