WordPress OttoKit 1.0.82 Privilege Escalation
WordPress OttoKit plugin versions 1.0.82 and below suffer from a privilege escalation vulnerability. This plugin used to be called SureTriggers. CVE-2025-27007: OttoKit SureTriggers Privilege Escalation Vulnerability Exploitation of CVE-2025-27007, a critical vulnerability in unauthorized privile...
CVE-2025-27007
Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privilege Escalation. This issue affects OttoKit: from n/a through <= 1.0.82...
CVE-2025-27007
CVE-2025-27007 affects WordPress plugin SureTriggers (also called OttoKit) up to version 1.0.82. The vulnerability is an Incorrect Privilege Assignment that allows unauthenticated privilege escalation via the SureTriggers REST API endpoints, enabling an attacker to create an administrator account...
WordPress Flixita theme <= 1.0.82 - Reflected Cross-Site Scripting via id Parameter vulnerability
Reflected Cross-Site Scripting via id Parameter vulnerability discovered by vgo0 in WordPress Theme Flixita versions <= 1.0.82...
WordPress BookingPress Plugin <= 1.0.81 is vulnerable to Insecure Direct Object References (IDOR)
Software: BookingPress; Type: Plugin; Vulnerable versions: <= 1.0.81; Fixed in: 1.0.82; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2024-31296; Patch priority: Low; CVSS severity: Low (4.3); PSID: 1ca5ae451b3c; Credits: Steven Julian...