2 matches found
WordPress DirectoryPress Plugin <= 3.6.10 is vulnerable to SQL Injection
Software DirectoryPress Type Plugin Vulnerable versions = 3.6.10 Fixed in 3.6.11 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38755 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID d658af932318 Credits Peng Zhou Required privilege Contributor Publish...
WordPress DirectoryPress Plugin <= 3.6.2 is vulnerable to Broken Access Control
Software DirectoryPress Type Plugin Vulnerable versions = 3.6.2 Fixed in 3.6.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37967 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f4392bc7ad6f Credits Abdi Pranata Required...