Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 10:35 a.m.13 views

CVE-2024-8350

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

7.2CVSS6.5AI score0.01164EPSS
Exploits1References1
circl
circl
added 2024/09/25 5:57 a.m.8 views

CVE-2024-8350

creationtimestamp| type| source ---|---|--- 2024-09-25 05:57:29+00:00| seen| https://t.me/cvedetector/6279...

2.7CVSS4.8AI score0.00427EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/09/25 2:32 a.m.23 views

CVE-2024-8350 Uncanny Groups for LearnDash <= 6.1.0.1 - Missing Authorization to Authenticated (Group Leader+) User Group Add

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

2.7CVSS6.8AI score0.00427EPSS
Exploits1References2
cvelist
cvelist
added 2024/09/25 2:32 a.m.50 views

CVE-2024-8350 Uncanny Groups for LearnDash <= 6.1.0.1 - Missing Authorization to Authenticated (Group Leader+) User Group Add

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

2.7CVSS0.00427EPSS
Exploits1References2
patchstack
patchstack
added 2024/09/25 12:0 a.m.25 views

WordPress Uncanny Groups for LearnDash Plugin <= 6.1.0.1 is vulnerable to Broken Access Control

Software Uncanny Groups for LearnDash Type Plugin Vulnerable versions = 6.1.0.1 Fixed in 6.1.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8350 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID d89e217025ab Credits Karl Emil Nikka...

2.7CVSS6.7AI score0.00427EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder