WordPress Molongui Plugin <= 4.7.7 is vulnerable to Insecure Direct Object References (IDOR)

Software Molongui Type Plugin Vulnerable versions = 4.7.7 Fixed in 4.7.8 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-30507 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID c7f745bc9de4 Credits CatFather Required...

WordPress Molongui Plugin <= 4.7.4 is vulnerable to Sensitive Data Exposure

Software Molongui Type Plugin Vulnerable versions = 4.7.4 Fixed in 4.7.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7014 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7b1a6ad036e9 Credits Krzysztof Zając Required privileg...

WordPress Molongui Plugin <= 4.7.3 is vulnerable to Broken Access Control

Software Molongui Type Plugin Vulnerable versions = 4.7.3 Fixed in 4.7.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-50876 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b92c55696b45 Credits Khalid Yusuf Required privilege...

WordPress Molongui Plugin <= 4.6.19 is vulnerable to Cross Site Scripting (XSS)

Software Molongui Type Plugin Vulnerable versions = 4.6.19 Fixed in 4.6.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-39164 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f13cec368476 Credits LEE SE HYOUNG...