6 matches found
CVE-2024-7380
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajaxgeolocatemenu and ajaxgeolocateremovemenu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...
CVE-2024-7380
CVE-2024-7380 — Geo Controller (WordPress) security issue : The Geo Controller plugin (WordPress) up to and including version 8.6.9 is vulnerable to unauthorized menu creation/deletion due to missing capability checks in ajax__geolocate_menu and ajax__geolocate_remove_menu. Affected product: Geo ...
WordPress Restaurant Menu and Food Ordering plugin <= 2.4.16 - Missing Authorization to Menu Creation vulnerability
Missing Authorization to Menu Creation vulnerability discovered by Lucio Sá in WordPress Plugin Five Star Restaurant Menu versions = 2.4.16...
WordPress Advance Menu Manager plugin <= 3.0.1 - Unauthorized Menu Creation/Deletion vulnerability
Unauthorized Menu Creation/Deletion vulnerability discovered by WPScanTeam in WordPress Advance Menu Manager plugin versions = 3.0.1 Solution Update the WordPress Advance Menu Manager plugin to the latest available version at least 3.0.2...