EUVD-2024-49436

Malicious code in bioql PyPI...

CVE-2024-8853

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a...

CVE-2024-8853

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a...

CVE-2024-8853

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a...

CVE-2024-8853

Vulnerability summary (CVE-2024-8853) The Webo-facto plugin for WordPress is affected in versions up to and including 1.40. The root cause is an insufficient restriction on the doSsoAuthentification function, enabling unauthenticated attackers to escalate privileges by registering with a username...

CVE-2024-8853 Webo-facto <= 1.40 - Unauthenticated Privilege Escalation

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a...

CVE-2024-8853 Webo-facto <= 1.40 - Unauthenticated Privilege Escalation

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a...

WordPress Webo-facto plugin <= 1.40 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by István Márton in WordPress Plugin Webo-facto versions = 1.40...

PT-2024-39277 · WordPress · Webo-Facto

Name of the Vulnerable Software and Affected Versions: Webo-facto plugin for WordPress versions up to, and including, 1.40 Description: The Webo-facto plugin for WordPress has a privilege escalation issue due to insufficient restriction on the doSsoAuthentification function. This allows...

WordPress plugin Webo-facto 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Webo-facto Plugin <= 1.40 is vulnerable to Privilege Escalation

Software Webo-facto Type Plugin Vulnerable versions = 1.40 Fixed in 1.41 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8853 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 15efb92b2d14 Credits István Márton...