WordPress plugin Whizzy security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Whizzy <= 1.1.18 - Missing Authorization

Description The Whizzy plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.18. This makes it possible for unauthenticated attackers to perform an unauthorized action...

Whizzy <= 1.1.18 - Authenticated (Subscriber+) Insecure Direct Object Reference

Description The Whizzy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.18 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30543 WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Whizzy versions = 1.1.18...

WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Broken Access Control

Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-30544 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c8ad96cc8257 Credits Steven Julian Required privilege...

WordPress Whizzy Plugin <= 1.1.18 is vulnerable to Insecure Direct Object References (IDOR)

Software Whizzy Type Plugin Vulnerable versions = 1.1.18 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-30543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 58661e758181 Credits Steven Julian Required...