5 matches found
CVE-2024-10527
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
WordPress WooBuddy plugin <= 3.4.25 - Cross-Site Request Forgery to Limited Settings Update vulnerability
Cross-Site Request Forgery to Limited Settings Update vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin WooBuddy versions = 3.4.25...
WordPress MIMO Woocommerce Order Tracking plugin <= 1.0.2 - Missing Authorization to Limited Settings Update vulnerability
Missing Authorization to Limited Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin MIMO Woocommerce Order Tracking versions = 1.0.2...
CVE-2024-10527
The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motechspacercallback function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view...
WordPress WP Accessibility Helper plugin <= 0.6.2.8 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Limited Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin WP Accessibility Helper WAH versions = 0.6.2.8...