Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/02/05 4:33 a.m.15 views

CVE-2024-9215

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the actioneditedauthor due to missing...

8.8CVSS8.7AI score0.00498EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/10/17 2:6 a.m.13 views

CVE-2024-9215 Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors <= 4.7.1 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary User Email Update and Account Takeover

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the actioneditedauthor due to missing...

8.8CVSS7.1AI score0.00498EPSS
Exploits0References3
cvelist
cvelist
added 2024/10/17 2:6 a.m.26 views

CVE-2024-9215 Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors <= 4.7.1 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary User Email Update and Account Takeover

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the actioneditedauthor due to missing...

8.8CVSS0.00498EPSS
Exploits0References3
patchstack
patchstack
added 2024/10/16 12:0 a.m.14 views

WordPress PublishPress Authors Plugin <= 4.7.1 is vulnerable to Privilege Escalation

Software PublishPress Authors Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.7.2 OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-9215 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID dc9bff13d8f2 Credits wesley wcraft Required...

8.8CVSS6.5AI score0.00498EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder