Lucene search
K

5 matches found

WPVulnDB
WPVulnDB
added 2022/07/25 12:0 a.m.25 views

Transposh WordPress Translation <= 1.0.8 - Unauthenticated Settings Change

The plugin does not have any authorisation in its tptranslation AJAX action, allowing unauthenticated users to call it...

5.3CVSS4.1AI score0.03644EPSS
Exploits6Affected Software1
Patchstack
Patchstack
added 2021/10/05 12:0 a.m.15 views

WordPress JobSearch premium plugin <= 1.8.1 - Unauthenticated Settings Change vulnerability

Unauthenticated Settings Change vulnerability discovered by Jerome Bruandet NinTechNet in WordPress JobSearch premium plugin versions = 1.8.1. Solution Update the WordPress JobSearch premium plugin to the latest available version at least 1.8.2...

2.6AI score
Exploits0References2Affected Software1
NVD
NVD
added 2020/08/31 4:15 p.m.22 views

CVE-2020-20627

The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change...

5.3CVSS5.5AI score0.01881EPSS
Exploits0References1
CVE
CVE
added 2020/08/31 4:0 p.m.49 views

CVE-2020-20627

The CVE-2020-20627 case concerns GiveWP for WordPress (up to version 2.5.9) where the file includes/gateways/stripe/includes/admin/admin-actions.php allows unauthenticated changes to plugin settings due to insecure access. This is evidenced by connected reports (Nuclei template) describing an una...

5.3CVSS5.4AI score0.01881EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/05/31 1:29 a.m.29 views

CVE-2018-11579

class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wpajaxnopriv usage. Anyone can change the plugin's setting by simply sending a request with a...

5.3CVSS5.3AI score0.00945EPSS
Exploits1References2
Rows per page
Query Builder