3 matches found
CVE-2024-8427 Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveglobalsettings and processformedit functions in all versions up to, and including, 1.2.2. This makes i...
CVE-2024-8427 Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveglobalsettings and processformedit functions in all versions up to, and including, 1.2.2. This makes i...
WordPress Frontend Post Submission Manager Lite Plugin <= 1.2.2 is vulnerable to Broken Access Control
Software Frontend Post Submission Manager Lite Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8427 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ea5d9d3b8976 Credits Lucio Sá...