2 matches found
WordPress Simple Local Avatars Plugin <= 2.7.11 is vulnerable to Broken Access Control
Software Simple Local Avatars Type Plugin Vulnerable versions = 2.7.11 Fixed in 2.8.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10786 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 717b24faeea4 Credits Trương Hữu Phúc...
WordPress Simple Local Avatars Plugin <= 2.7.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simple Local Avatars Type Plugin Vulnerable versions = 2.7.10 Fixed in 2.7.11 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43116 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c02a424f233 Credits Rafie Muhamm...