4 matches found
CVE-2024-10002
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905. This is due to insufficient validation and capability check on the 'roveridxrefreshsocialcallback' function. This makes it possible for authenticated attackers, with...
CVE-2024-10002
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905. This is due to insufficient validation and capability check on the 'roveridxrefreshsocialcallback' function. This makes it possible for authenticated attackers, with...
CVE-2024-10002
CVE-2024-10002 — Rover IDX WordPress plugin : Authentication bypass in versions up to and including 3.0.0.2905 due to insufficient validation in rover_idx_refresh_social_callback, allowing authenticated users with subscriber-level permissions and above to log in as an administrator. Wordfence rep...
PT-2024-15967 · WordPress · Rover Idx Plugin
Name of the Vulnerable Software and Affected Versions: Rover IDX plugin for WordPress versions up to and including 3.0.0.2905 Description: The issue arises from insufficient validation and capability check on the rover idx refresh social callback function, allowing authenticated attackers with...