9 matches found
CVE-2023-4293
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...
EUVD-2021-2335
Malware in sbrugna...
CVE-2023-4293
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...
PT-2023-6137 · WordPress · The Premium Packages – Sell Digital Products Securely
Name of the Vulnerable Software and Affected Versions: Premium Packages - Sell Digital Products Securely plugin for WordPress versions up to, and including, 5.7.4 Description: The issue is related to insufficient restriction on the wpdmpp update profile function, allowing authenticated attackers...
Improper privilege management in Keycloak
A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...
PT-2020-13991 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions prior to 12.0.0 Description: A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access...
keycloak: user can manage resources with just "view-profile" role using new Account Console
A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...
keycloak: user can manage resources with just "view-profile" role using new Account Console
A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...
keycloak: user can manage resources with just "view-profile" role using new Account Console
A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...