4 matches found
CVE-2024-9626
The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...
CVE-2024-9626 Editorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured Image
The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...
CVE-2024-9626
CVE-2024-9626 affects Editorial Assistant by Sovrn for WordPress (
WordPress Editorial Assistant by Sovrn Plugin <= 1.3.3 is vulnerable to Broken Access Control
Software Editorial Assistant by Sovrn Type Plugin Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9626 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b5ac4306ffbd Credits István Márton...