EUVD-2023-59669

Malicious code in bioql PyPI...

CVE-2023-7289

The Paytium: Mollie payment forms & donations WordPress plugin (vulnerable up to 4.3.7) has an authorization flaw in the paytium_sw_save_api_keys function due to a missing capability check. This allows authenticated users with subscriber-level access to update API keys. Affected product: Paytium ...

WordPress plugin Paytium: Mollie payment forms & donations 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...

VulnCheck KEV: CVE-2023-7289

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytiumswsaveapikeys function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

CVE-2021-22149

Elastic Enterprise Search App Search versions prior to 7.14.0 are affected by a missing authorization weakness for API keys via an alternate route, enabling an authenticated attacker to use API keys belonging to higher-privileged users. Root cause: API keys not properly bound/authorized in altern...