CVE-2023-23729 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change Vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

CVE-2023-23729

The CVE-2023-23729 issue affects Brainstorm Force Spectra (WordPress Gutenberg Blocks plugin) versions up to 2.3.0, caused by missing/incorrect authorization in access control settings. Multiple sources (Patchstack, NVD-driven entries, EUVD, Red Hat) describe this as a Broken Access Control vulne...

CVE-2024-5541

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ibtanavisualeditorregisterajaxjsonendpont' function in all versions up to, and including, 1.2.3.3. This makes it possible for unauthenticated...

KiviCare Management System < 3.2.1 - Subscriber+ Unauthorised AJAX Calls

The plugin does not have proper CSRF and authorisation checks in various AJAX actions, allowing any authenticated users, such as subscriber to call them. Attacks include but are not limited to: Add arbitrary Clinic Admin/Doctors/etc and update plugin's settings Run one of the below commands in th...