4 matches found
WordPress NitroPack plugin <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Transient Update vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Transient Update vulnerability discovered by Sean Murphy in WordPress Plugin NitroPack versions = 1.17.0...
EUVD-2024-34381
Malicious code in bioql PyPI...
CVE-2024-11851
The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropackrmlnotification function in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with subscriber access or higher...
CVE-2024-11851 NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Transient Update
The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropackrmlnotification function in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with subscriber access or higher...