48 matches found
Authorization
The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...
Authorization
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated attackers to change arbitrary WordPress...
Authorization
The uListing plugin for WordPress is vulnerable to authorization bypass due to missing capability checks, and a missing security nonce, on the UlistingUserRole::saveroleapi function in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to arbitrarily delete...
Authorization
The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Content Injection in versions up to, and including, 18.2. This is due to lacking authorization protections, checks against users editing other's posts, and lacking a security nonce, all on the wpfmeditfiletitledesc AJ...
CVE-2021-4381 uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route
The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...
CVE-2021-4381 uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route
The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...
CVE-2021-4371 WP Quick FrontEnd Editor <= 5.5 - Authenticated Settings Change
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Setting Changs in versions up to, and including, 5.5. This is due to lacking both a security nonce and a capabilities check. This makes it possible for low-authenticated attackers to change plugin settings even when they do not ha...
CVE-2021-4371
The CVE-2021-4371 entry concerns the WP Quick FrontEnd Editor WordPress plugin, affected through version 5.5. The underlying issue is a missing security nonce and missing capabilities check, enabling low-authenticated attackers to change plugin settings they should not be able to modify. This vul...
CVE-2021-4368 Frontend File Manager <= 18.2 - Authenticated Settings Change leading to Arbitrary File Upload
The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to lacking capability checks and a security nonce, all on the wpfmsavesettings AJAX action. This makes it possible for subscriber-level attackers to ed...
CVE-2021-4368 Frontend File Manager <= 18.2 - Authenticated Settings Change leading to Arbitrary File Upload
The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to lacking capability checks and a security nonce, all on the wpfmsavesettings AJAX action. This makes it possible for subscriber-level attackers to ed...
CVE-2021-4359 Frontend File Manager Plugin <= 18.2 - Unauthenticated Arbitrary Post Deletion
The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 18.2. This is due to lacking authentication protections and lacking a security nonce on the wpfmdeletefile AJAX action. This makes it possible for...
CVE-2021-4357 uListing <= 1.6.6 - Unauthenticated Arbitrary Post/Page Deletion
The uListing plugin for WordPress is vulnerable to authorization bypass due to missing capability checks, and a missing security nonce, on the UlistingUserRole::saveroleapi function in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to arbitrarily delete...
CVE-2021-4357 uListing <= 1.6.6 - Unauthenticated Arbitrary Post/Page Deletion
The uListing plugin for WordPress is vulnerable to authorization bypass due to missing capability checks, and a missing security nonce, on the UlistingUserRole::saveroleapi function in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to arbitrarily delete...
CVE-2021-4357
Summary : The WordPress uListing plugin is vulnerable to an authorization bypass in the function UlistingUserRole::save_role_api up to and including version 1.6.6 . The root cause is missing capability checks and a missing security nonce, which could allow unauthenticated attackers to arbitrarily...
CVE-2020-36700 Page Builder: KingComposer < 2.9.4 - Authorization Bypass due to Improper Access Control
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated attackers to change arbitrary WordPress...
CVE-2020-36700 Page Builder: KingComposer < 2.9.4 - Authorization Bypass due to Improper Access Control
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated attackers to change arbitrary WordPress...
CVE-2020-36700
The CVE-2020-36700 entry concerns the WordPress Page Builder: KingComposer plugin. Affected component: KingComposer Page Builder for WordPress (versions up to and including 2.9.3). Root cause: an authorization bypass due to a security nonce being leaked on /wp-admin/index.php. Impact: authenticat...
CVE-2021-4341 uListing <= 1.6.6 - Unauthenticated Wordpress Options Changes via AJAX
The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a missing security nonce in the stmupdateemaildata AJAX action in versions up to, and including, 1.6.6. This makes it possible for unauthenticated...
CVE-2021-4341
Product: WordPress uListing plugin. Vulnerability: Authorization bypass via Ajax in the stm_update_email_data action due to missing capability checks, missing input validation, and a missing security nonce. Affects versions up to and including 1.6.6. Impact: Unauthenticated attackers can change a...
CVE-2021-4341 uListing <= 1.6.6 - Unauthenticated Wordpress Options Changes via AJAX
The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a missing security nonce in the stmupdateemaildata AJAX action in versions up to, and including, 1.6.6. This makes it possible for unauthenticated...