2 matches found
WordPress WPZOOM Social Feed Widget & Block plugin <= 2.1.13 - Missing Authorization to Authenticated (Subscriber+) Instagram Image Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Instagram Image Deletion vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin WPZOOM Social Feed Widget & Block versions = 2.1.13...
CVE-2024-3662
CVE-2024-3662 affects the WPZOOM Social Feed Widget & Block plugin for WordPress. The vulnerability is due to a missing capability check in the function wpzoom_instagram_clear_data(), present in all versions up to and including 2.1.13. This allows authenticated attackers with subscriber-level acc...