Lucene search
K

3 matches found

Cvelist
Cvelist
added 2024/10/23 6:45 a.m.28 views

CVE-2024-9583 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing Authorization

The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprssajaxsendpremiumsupport function in all versions up to, and including, 4.23.12. This makes it possible f...

4.3CVSS0.004EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/23 6:45 a.m.12 views

CVE-2024-9583 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing Authorization

The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprssajaxsendpremiumsupport function in all versions up to, and including, 4.23.12. This makes it possible f...

4.3CVSS6.2AI score0.004EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/22 12:0 a.m.16 views

WordPress WP RSS Aggregator Plugin <= 4.23.12 is vulnerable to Broken Access Control

Software WP RSS Aggregator Type Plugin Vulnerable versions = 4.23.12 Fixed in 4.23.13 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9583 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 83f2a48a109e Credits incognito Required...

5.4CVSS6.5AI score0.004EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder