Lucene search
K

4 matches found

NVD
NVD
added 2024/10/26 3:15 a.m.13 views

CVE-2024-9626

The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...

4.3CVSS0.00273EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/26 1:58 a.m.9 views

CVE-2024-9626 Editorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured Image

The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...

4.3CVSS6.5AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2024/10/26 1:58 a.m.35 views

CVE-2024-9626

CVE-2024-9626 affects Editorial Assistant by Sovrn for WordPress (

4.3CVSS4.7AI score0.00273EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.10 views

WordPress Editorial Assistant by Sovrn Plugin <= 1.3.3 is vulnerable to Broken Access Control

Software Editorial Assistant by Sovrn Type Plugin Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9626 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b5ac4306ffbd Credits István Márton...

4.3CVSS6.5AI score0.00273EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder