3 matches found
CVE-2024-9626
The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...
CVE-2024-9626 Editorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured Image
The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...
CVE-2024-9626 Editorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured Image
The Editorial Assistant by Sovrn plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxzemantasetfeaturedimage' function in versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-lev...