13 matches found
EUVD-2024-49732
Malicious code in bioql PyPI...
CVE-2024-9104
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.3. This is due to the improper empty value check and a missing default activated value check in the 'ultimateaichangepass' function. This makes it possible for unauthenticated...
CVE-2024-9105
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimateairegisterorloginwithgoogle' function. This makes it possible for unauthenticated attackers to lo...
CVE-2024-9105 UltimateAI <= 2.8.3 - Authentication Bypass
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimateairegisterorloginwithgoogle' function. This makes it possible for unauthenticated attackers to lo...
CVE-2024-9105
CVE-2024-9105 — UltimateAI WordPress plugin authentication bypass The UltimateAI plugin for WordPress (Ultimate AI) is vulnerable to an authentication bypass in versions up to 2.8.3. The root cause is insufficient verification on the user parameter in the function ultimate_ai_register_or_login_wi...
CVE-2024-9105 UltimateAI <= 2.8.3 - Authentication Bypass
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimateairegisterorloginwithgoogle' function. This makes it possible for unauthenticated attackers to lo...
CVE-2024-9104 UltimateAI <= 2.8.3 - Limited User Password Change due to Improper Empty and Missing Default Value Check
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.3. This is due to the improper empty value check and a missing default activated value check in the 'ultimateaichangepass' function. This makes it possible for unauthenticated...
CVE-2024-9104
CVE-2024-9104 (UltimateAI for WordPress) is an authentication bypass vulnerability affecting UltimateAI plugin versions up to 2.8.3. The root cause is an improper empty-value check and a missing default activated value check in the function ultimate_ai_change_pass, enabling unauthenticated attack...
CVE-2024-9104 UltimateAI <= 2.8.3 - Limited User Password Change due to Improper Empty and Missing Default Value Check
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.3. This is due to the improper empty value check and a missing default activated value check in the 'ultimateaichangepass' function. This makes it possible for unauthenticated...
WordPress UltimateAI plugin <= 2.8.3 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by István Márton in WordPress Plugin UltimateAI versions = 2.8.3...
PT-2024-39432 · WordPress · Ultimateai
Name of the Vulnerable Software and Affected Versions: UltimateAI plugin for WordPress versions up to, and including, 2.8.3 Description: The issue is due to the improper empty value check and a missing default activated value check in the ultimate ai change pass function. This allows...
WordPress plugin UltimateAI 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin UltimateAI 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...