WordPress Exertio Framework Plugin <= 1.3.3 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Frank in WordPress Plugin Exertio Framework versions = 1.3.3...

CVE-2024-13373

The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.1. This is due to the plugin not properly validating a user's identity prior to updating their password through the flforgotpassnew function. This makes ...

CVE-2024-13373

The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.1. This is due to the plugin not properly validating a user's identity prior to updating their password through the flforgotpassnew function. This makes ...

CVE-2024-13373 Exertio Framework <= 1.3.1 - Unauthenticated Arbitrary User Password Update

The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.1. This is due to the plugin not properly validating a user's identity prior to updating their password through the flforgotpassnew function. This makes ...

CVE-2024-13373

CVE-2024-13373 affects Exertio Framework plugin for WordPress (all versions up to 1.3.1). The issue enables unauthenticated users to perform an arbitrary password update via fl_forgot_pass_new(), leading to privilege escalation and potential account takeover (including administrators). Mitigation...

CVE-2024-13373 Exertio Framework <= 1.3.1 - Unauthenticated Arbitrary User Password Update

The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.1. This is due to the plugin not properly validating a user's identity prior to updating their password through the flforgotpassnew function. This makes ...

WordPress plugin Exertio Framework 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Exertio Framework plugin <= 1.3.1 - Unauthenticated Arbitrary User Password Update vulnerability

Unauthenticated Arbitrary User Password Update vulnerability discovered by Foxyyy in WordPress Plugin Exertio Framework versions = 1.3.1...