CVE-2024-33547 WordPress WZone plugin <= 14.0.10 - Site Wide Broken Access Control vulnerability

Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10...

WordPress WZone Plugin <= 14.0.33 is vulnerable to Broken Access Control

Software WZone Type Plugin Vulnerable versions = 14.0.33 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33545 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 24bb9a69dcd0 Credits Rafie Muhammad Patchstack Required...

WordPress WZone Plugin <= 14.0.33 is vulnerable to Broken Access Control

Software WZone Type Plugin Vulnerable versions = 14.0.33 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33547 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 0e636c441e01 Credits Rafie Muhammad Patchstack Required...

WordPress WZone Plugin <= 14.0.33 is vulnerable to Cross Site Scripting (XSS)

Software WZone Type Plugin Vulnerable versions = 14.0.33 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33548 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 056b1a28280e Credits Rafie Muhammad Patchstack Required privile...