5 matches found
EUVD-2023-23314
Malicious code in bioql PyPI...
CVE-2024-0869
The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license...
Instant Images < 6.1.1 - Author+ Arbitrary Options Update
Description The plugin is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license REST API endpoint, allowing authors and higher to update arbitrary options...
CVE-2023-1022
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to update google...
CVE-2023-1022 WP Meta SEO <= 4.5.3 - Missing Authorization in 'wpmsGGSaveInformation'
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to update google...