2 matches found
CVE-2024-9628
CVE-2024-9628 affects the WordPress plugin WPS Telegram Chat . The vulnerability arises from a missing capability check in the function Wps_Telegram_Chat_Admin::checkСonnection , in versions up to and including 4.5.4 . This design flaw enables authenticated attackers with subscriber-level access ...
CVE-2024-9630
The CVE-2024-9630 entry concerns the WPS Telegram Chat plugin for WordPress. Affected versions: up to 4.5.4. Root cause: missing capability check when accessing messages, resulting in an authorization bypass. Impact: unauthenticated attackers can view messages sent through the Telegram Bot API (i...