2 matches found
CVE-2019-15771
Summary: CVE-2019-15771 affects the WordPress plugin “nd-shortcodes” prior to version 6.0. A nopriv_ AJAX action in the plugin allows modification of the siteurl setting. Impact (as stated): This could enable an unauthenticated/privilege-abuse scenario by changing WordPress site URL related confi...
CVE-2019-15772
The nd-donations plugin before 1.4 for WordPress has a nopriv AJAX action that allows modification of the siteurl setting...