Lucene search
K

4 matches found

NVD
NVD
added 2023/10/20 8:15 a.m.15 views

CVE-2023-4941

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsswap function. This makes it possible for authenticated attackers subscriber or higher to manipulate products...

4.3CVSS4AI score0.00479EPSS
Exploits0References3
Prion
Prion
added 2023/10/20 8:15 a.m.14 views

Authorization

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsswap function. This makes it possible for authenticated attackers subscriber or higher to manipulate products...

4CVSS4.1AI score0.00479EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/10/20 7:15 a.m.22 views

CVE-2023-4940

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobebulkoperationsswap function. This makes it possible for unauthenticated attackers to manipulate products via a forged...

4.3CVSS4.1AI score0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.3 views

WordPress Plugin BEAR Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.6AI score0.00286EPSS
Exploits0References4
Rows per page
Query Builder