2 matches found
CVE-2025-5483 LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation
The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...
org.apache.syncope:syncope-core-upgrader (>=1.2.0 <=1.2.10), org.apache.syncope:syncope-standalone (>=1.1.0 <=1.1.8) potentially affected by CVE-2018-1321 via org.apache.syncope:syncope-core (>=1.1.0 <=1.2.10)
org.apache.syncope:syncope-core MAVEN version =1.1.0, =1.2.0, =1.1.0, =1.1.8 Source cves: CVE-2018-1321 Source advisory: OSV:GHSA-XGC9-9W4V-H33H...