4 matches found
CVE-2024-9302
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verifyotpforgotpassword and updatepassword functions not having enough controls to preve...
CVE-2024-9302 App Builder – Create Native Android & iOS Apps On The Flight <= 5.3.7 - Privilege Escalation and Account Takeover via Weak OTP
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verifyotpforgotpassword and updatepassword functions not having enough controls to preve...
CVE-2024-9302 App Builder – Create Native Android & iOS Apps On The Flight <= 5.3.7 - Privilege Escalation and Account Takeover via Weak OTP
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verifyotpforgotpassword and updatepassword functions not having enough controls to preve...
WordPress App Builder Plugin <= 5.3.7 is vulnerable to Broken Authentication
Software App Builder Type Plugin Vulnerable versions = 5.3.7 Fixed in 5.3.8 OWASP Top 10 A3: Injection Classification Broken Authentication CVE CVE-2024-9302 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 82e5ff2f8d20 Credits wesley wcraft Required privilege...