4 matches found
WordPress LWS Affiliation Plugin <= 2.3.4 is vulnerable to Broken Access Control
Software LWS Affiliation Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43962 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID a2763521797a Credits Fariq Fadillah Gusti Insani...
WordPress Custom Font Uploader Plugin <= 2.3.4 is vulnerable to Broken Access Control
Software Custom Font Uploader Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5489 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ec1d5e78e0ec Credits Lucio Sá Required privile...
WordPress EazyDocs Plugin < 2.3.4 is vulnerable to SQL Injection
Software EazyDocs Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-6035 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 6ad682fb44ae Credits Dao Xuan Hieu Required privilege Subscriber Published 19...
WordPress User Activity Log Pro Plugin < 2.3.4 is vulnerable to Bypass Vulnerability
Software User Activity Log Pro Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-5133 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 06c08325ccb9 Credits Bartlomiej Marek and...