6 matches found
WordPress Pubnews 1.0.7 Arbitrary Plugin Installation
WordPress Pubnews theme versions 1.0.7 and below suffer from an unauthenticated arbitrary plugin installation vulnerability...
Exploit for CVE-2024-10578
CVE-2024-10578: Pubnews = 1.0.7 - Unauthenticated Arbitrary P...
CVE-2024-10578 Pubnews <= 1.0.7 - Authenticated (Subscriber+) Arbitrary Plugin Installation
The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pubnewsimporterpluginactionfornotice function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2024-10578 Pubnews <= 1.0.7 - Authenticated (Subscriber+) Arbitrary Plugin Installation
The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pubnewsimporterpluginactionfornotice function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Subscriber-level...
WordPress plugin Pubnews 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Pubnews theme <= 1.0.7 - Unauthenticated Arbitrary Plugin Installation vulnerability
Unauthenticated Arbitrary Plugin Installation vulnerability discovered by Kevin Murphy knmurphy in WordPress Theme Pubnews versions = 1.0.7...