Lucene search

K

Idxbroker Security Vulnerabilities

cve
cve

CVE-2020-9514

An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.php allows a logged-in user (with the Subscriber role) to permanently delete arbitrary posts and pages, create new posts with arbitrary subjects, and modify the subjects of existing posts and pages...

6.5CVSS

6.4AI Score

0.001EPSS

2020-04-07 05:15 PM
48
cve
cve

CVE-2020-11512

Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 allows authenticated attackers with minimal (subscriber-level) permissions to save arbitrary JavaScript in the plugin's settings panel via the idx_update_recaptcha_key AJAX action and a crafted idx_recaptcha_site_key parameter,....

5.4CVSS

5.1AI Score

0.001EPSS

2020-04-07 05:15 PM
49