WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Surfer versions = 1.6.4.574...

CVE-2025-58603 WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through = 1.6.4.574...

CVE-2025-58603 WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through = 1.6.4.574...

CVE-2025-58603

CVE-2025-58603 : A missing-authorization issue affects the WordPress plugin Surfer (SurferSEO) up to version 1.6.4.574 . The vulnerability arises from incorrectly configured access control enabling unauthorized access to protected functionality. Reported as a WordPress plugin issue and tracked in...

WordPress plugin Surfer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-35037 WordPress Surfer plugin <= 1.3.2.357 - Broken Access Control vulnerability

Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through = 1.3.2.357...

WordPress plugin Surfer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-49299 WordPress Surfer plugin <= 1.5.0.502 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Surfer Surfer surferseo allows SQL Injection.This issue affects Surfer: from n/a through = 1.5.0.502...

WordPress plugin Surfer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress Surfer plugin <= 1.5.0.502 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyễn Trung Kiên Patchstack Alliance in WordPress Plugin Surfer versions = 1.5.0.502...

WordPress Surfer Plugin <= 1.5.0.502 is vulnerable to SQL Injection

Software Surfer Type Plugin Vulnerable versions = 1.5.0.502 Fixed in 1.6.0.523 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49299 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d0e40de8a6d2 Credits Nguyễn Trung Kiên anhchangmutrang Required privile...

Surfer < 1.3.3.379 - Missing Authorization

Description The Surfer plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on several functions, such as removepostdraftconnection, checkdraftstatus, getlocations, getajaxsurferconnecturl, disconnectsurferfromwp, and...

WordPress Surfer Plugin <= 1.3.2.357 is vulnerable to Broken Access Control

Software Surfer Type Plugin Vulnerable versions = 1.3.2.357 Fixed in 1.3.3.379 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35037 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID fee59b89530e Credits Jonas Höbenreich Required...