CVE-2024-9025

The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handlerposttitle' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose...

CVE-2024-9025

The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handlerposttitle' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose...

WordPress Sight plugin <= 1.1.2 - Missing Authorization to Sensitive Information Exposure in handler_post_title vulnerability

Missing Authorization to Sensitive Information Exposure in handlerposttitle vulnerability discovered by Francesco Carlucci in WordPress Plugin Sight versions = 1.1.2...

WordPress plugin Sight 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Sight Plugin <= 1.1.2 is vulnerable to Broken Access Control

Software Sight Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9025 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9329f95a0ef5 Credits Francesco Carlucci Required privilege...