15 matches found
CVE-2026-3645
The Punnel – Landing Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.1. The saveconfig function, which handles the 'punnelsaveconfig' AJAX action, lacks any capability check currentusercan and nonce verification. This makes it...
EUVD-2026-14170
The Punnel – Landing Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.1. The saveconfig function, which handles the 'punnelsaveconfig' AJAX action, lacks any capability check currentusercan and nonce verification. This makes it...
CVE-2026-3645 Punnel <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Settings Update via 'punnel_save_config' AJAX Action
The Punnel – Landing Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.1. The saveconfig function, which handles the 'punnelsaveconfig' AJAX action, lacks any capability check currentusercan and nonce verification. This makes it...
CVE-2023-4627
The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveconfig function in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to update the...
WordPress Plugin LadiApp Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress Plugin LadiApp Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
LadiApp <= 4.4 - Cross-Site Request Forgery via save_config()
Description The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the saveconfig function in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to update the 'ladipageconfig' option via a forged request...
LadiApp <= 4.4 - Missing Authorization via save_config()
Description The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveconfig function in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to update t...
CVE-2023-6899 rmountjoy92 DashMachine Config save_config code injection
A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by this vulnerability is an unknown functionality of the file /settings/saveconfig of the component Config Handler. The manipulation of the argument valuetemplate leads to code injection. The exploit ha...
SUSE CVE-2015-7851
Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...
DEBIAN-CVE-2015-7851
Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...
CVE-2015-7851
Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...
CVE-2015-7851
Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...
CVE-2015-7851
Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...
CVE-2015-7851
CVE-2015-7851 is a directory traversal vulnerability in ntpd’s save_config path (ntp_control.c) affecting ntpd before 4.2.8p4. The issue arises on systems where directory separators differ (e.g., OpenVMS), allowing remote authenticated users to overwrite arbitrary files via crafted config saves. ...