3 matches found
CVE-2024-9262
creationtimestamp| type| source ---|---|--- 2024-11-09 02:21:17+00:00| seen| https://infosec.exchange/users/cve/statuses/113450606746142202 2024-11-09 04:55:25+00:00| seen| https://t.me/cvedetector/10260...
CVE-2024-9262 User Meta – User Profile Builder and User management plugin <= 3.1.1 - Insecure Direct Object Reference to Sensitive Information Exposure
The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.1.1 via the getUser due to missing validation on a user controlled key. This makes it possible for authenticated attackers...
WordPress User Meta Plugin <= 3.1 is vulnerable to Sensitive Data Exposure
Software User Meta Type Plugin Vulnerable versions = 3.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-9262 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 36e1a1a8053d Credits wesley wcraft Required privilege...