CVE-2024-9025

The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handlerposttitle' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose...

CVE-2024-9025

The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handlerposttitle' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose...

WordPress Sight plugin <= 1.1.2 - Missing Authorization to Sensitive Information Exposure in handler_post_title vulnerability

Missing Authorization to Sensitive Information Exposure in handlerposttitle vulnerability discovered by Francesco Carlucci in WordPress Plugin Sight versions = 1.1.2...

WordPress Sight Plugin <= 1.1.2 is vulnerable to Broken Access Control

Software Sight Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9025 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9329f95a0ef5 Credits Francesco Carlucci Required privilege...

WordPress plugin Sight 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...