5 matches found
EUVD-2022-42880
Malicious code in bioql PyPI...
CVE-2022-3511
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector...
Design/Logic Flaw
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector...
CVE-2022-3511 Awesome Support < 6.1.2 - Subscriber+ Arbitrary Exported Tickets Download
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector...
WordPress Awesome Support plugin <= 6.1.1 - Auth. Arbitrary Exported Tickets Download vulnerability
Auth. Arbitrary Exported Tickets Download vulnerability discovered by dc11 in WordPress Awesome Support plugin versions = 6.1.1. Solution Update the WordPress Awesome Support plugin to the latest available version at least 6.1.2...