Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/04/07 2:31 a.m.6 views

CVE-2025-2933

The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awunimportsettings function in all versions up to, and including, 1.1.6. This makes it possible for...

8.8CVSS7.3AI score0.00366EPSS
Exploits0References1
Circl
Circl
added 2025/04/05 2:36 a.m.6 views

CVE-2025-2933

creationtimestamp| type| source ---|---|--- 2025-04-05 02:36:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10591 2025-04-05 03:48:22+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114283308691761771 2025-04-05 03:48:22+00:00| seen|...

8.8CVSS8.7AI score0.00366EPSS
Exploits0References4
NVD
NVD
added 2025/04/05 2:15 a.m.4 views

CVE-2025-2933

The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awunimportsettings function in all versions up to, and including, 1.1.6. This makes it possible for...

8.8CVSS0.00366EPSS
Exploits0References2
CVE
CVE
added 2025/04/05 1:44 a.m.60 views

CVE-2025-2933

The CVE-2025-2933 entry concerns the Email Notifications for Updates WordPress plugin. Root cause: missing capability check in awun_import_settings(), affecting all versions up to 1.1.6. This allows authenticated attackers with Subscriber-level access and above to modify arbitrary WordPress optio...

8.8CVSS7.3AI score0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/05 1:44 a.m.3 views

CVE-2025-2933 Email Notifications for Updates <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awunimportsettings function in all versions up to, and including, 1.1.6. This makes it possible for...

8.8CVSS7.2AI score0.00366EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/05 1:44 a.m.12 views

CVE-2025-2933 Email Notifications for Updates <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awunimportsettings function in all versions up to, and including, 1.1.6. This makes it possible for...

8.8CVSS0.00366EPSS
Exploits0References2
Rows per page
Query Builder