5 matches found
CVE-2024-12542
The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when including the 'phpinfo' function in all versions up to, and including, 0.1.2. This makes it possible for unauthenticated attackers to read configuration settings and predefined...
CVE-2024-12542 linkID <= 0.1.2 - Missing Authorization to Unauthenticated Sensitive Information Exposure
The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when including the 'phpinfo' function in all versions up to, and including, 0.1.2. This makes it possible for unauthenticated attackers to read configuration settings and predefined...
CVE-2024-12542 linkID <= 0.1.2 - Missing Authorization to Unauthenticated Sensitive Information Exposure
The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when including the 'phpinfo' function in all versions up to, and including, 0.1.2. This makes it possible for unauthenticated attackers to read configuration settings and predefined...
WordPress linkID plugin <= 0.1.2 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin linkID versions = 0.1.2...
PT-2025-1892 · WordPress · Linkid Plugin
Name of the Vulnerable Software and Affected Versions: linkID plugin for WordPress versions up to, and including, 0.1.2 Description: The issue arises from a missing capability check when including the 'phpinfo' function, allowing unauthorized access to data. This enables unauthenticated attackers...