3 matches found
CVE-2024-9627
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'serviceprocess' function in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to view the Telegram Bot...
CVE-2024-9627 TeploBot - Telegram Bot for WP <= 1.3 - Telegram Bot Token Disclosure
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'serviceprocess' function in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to view the Telegram Bot...
WordPress TeploBot - Telegram Bot for WP Plugin <= 1.3 is vulnerable to Sensitive Data Exposure
Software TeploBot - Telegram Bot for WP Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-9627 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 5b587e0ba22b Credits István Márton...