31 matches found
EUVD-2024-28464
Malicious code in bioql PyPI...
CVE-2024-30544
Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30544
Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30544
Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30544 WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30544
CVE-2024-30544 is a Missing Authorization (broken access control) vulnerability in UPQODE Whizzy (WordPress plugin). The issue affects Whizzy versions up to 1.1.18 and could allow unauthorized access due to insufficient access-control checks. Public sources in the connected documents identify the...
CVE-2024-30544 WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18...
PT-2024-23474 · Upqode · Upqode Whizzy
Name of the Vulnerable Software and Affected Versions: UPQODE Whizzy versions 1.1.18 and earlier Description: A Missing Authorization issue affects the software, potentially allowing unauthorized access. The estimated number of affected devices is not specified. There is no information about...
WordPress plugin Whizzy security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Whizzy <= 1.1.18 - Authenticated (Subscriber+) Insecure Direct Object Reference
Description The Whizzy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.18 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...
Whizzy <= 1.1.18 - Missing Authorization
Description The Whizzy plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.18. This makes it possible for unauthenticated attackers to perform an unauthorized action...
CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...
CVE-2024-30543
CVE-2024-30543 is an authorization bypass via a user-controlled key in the UPQODE Whizz/Whizzy WordPress plugin, affecting versions from n/a to 1.1.18. The CVSS 3.1 base score is 6.5 (Network attack, Low attack complexity, Privileges Required: None, User Interaction: None, Confidentiality/Integri...
PT-2024-23473 · Whizzy · Whizzy
Name of the Vulnerable Software and Affected Versions: Whizzy versions 1.1.18 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. Recommendations: For versions 1.1.18 and earlier, update to a version that contains a fix for this issu...
WordPress Plugin Whizzy 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Whizzy versions = 1.1.18...
WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Whizzy versions = 1.1.18...
WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Broken Access Control
Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-30544 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c8ad96cc8257 Credits Steven Julian Required privilege...
WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Insecure Direct Object References (IDOR)
Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-30543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 58661e758181 Credits Steven Julian Required...