18 matches found
CVE-2026-27056
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056 WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056 WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
CVE-2026-27056
The CVE-2026-27056 entry concerns the WordPress plugin StellarWP iThemes Sync (WordPress) with a Broken/Missing Authorization vulnerability in its access control. Affected software: iThemes Sync plugin versions up to and including 3.2.8. Root cause inferred from descriptions: misconfigured access...
PT-2026-20762
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
WordPress plugin iThemes Sync 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin iThemes Sync versions = 3.2.8...
CVE-2023-40001
Missing Authorization vulnerability in SolidWP iThemes Sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through 2.1.13...
EUVD-2023-44624
Malicious code in bioql PyPI...
CVE-2023-40001
Missing Authorization vulnerability in SolidWP iThemes Sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through 2.1.13...
CVE-2023-40001 WordPress iThemes Sync plugin <= 2.1.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in SolidWP iThemes Sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through 2.1.13...
CVE-2023-40001 WordPress iThemes Sync plugin <= 2.1.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in SolidWP iThemes Sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through 2.1.13...
WordPress plugin iThemes Sync 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
iThemes Sync < 2.1.14 - Cross-Site Request Forgery and Missing Authorization via 'hide_authenticate_notice'
Description The iThemes Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.13. This is due to missing or incorrect nonce validation on the hideauthenticatenotice function. This makes it possible for unauthenticated attackers to hide admin...
WordPress iThemes Sync Plugin < 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Software iThemes Sync Type Plugin Vulnerable versions 3.0.1 Fixed in 3.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID da91ec2d1342 Credits Robin Wood Required privilege...
WordPress iThemes Sync Plugin <= 2.1.13 is vulnerable to Broken Access Control
Software iThemes Sync Type Plugin Vulnerable versions = 2.1.13 Fixed in 2.1.14 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40001 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dfebd44ecd2d Credits Abdi Pranata Required privileg...
WordPress iThemes Sync plugin <= 2.0.17 - Insufficient Secure Key Validation vulnerability
Insufficient Secure Key Validation vulnerability found in WordPress iThemes Sync plugin versions = 2.0.17. Solution Update the WordPress iThemes Sync plugin to the latest available version at least 2.0.18...