Ideapush@* Security Vulnerabilities and Issues — Ideapush@* CVE List

Lucene search

NorthernbeacheswebsitesIdeapush*

8 matches found

CVE•added 2025/02/14 1:15 p.m.•51 views

CVE-2025-24607

Missing Authorization vulnerability in Northern Beaches Websites IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IdeaPush: from n/a through 8.71.

9.8CVSS7AI score0.00068EPSS

CVE•added 2024/12/09 1:15 p.m.•47 views

CVE-2023-48774

Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.

5.4CVSS5.6AI score0.00114EPSS

CVE•added 2024/10/20 11:15 a.m.•45 views

CVE-2024-49275

Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69.

8.8CVSS6.4AI score0.00035EPSS

CVE•added 2024/12/03 9:15 a.m.•44 views

CVE-2024-11844

The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and abo...

4.3CVSS4.3AI score0.0005EPSS

CVE•added 2024/07/21 10:15 p.m.•43 views

CVE-2024-37461

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65.

7.1CVSS6.9AI score0.00127EPSS

CVE•added 2023/11/08 7:15 p.m.•37 views

CVE-2023-47181

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin

4.8CVSS5AI score0.00164EPSS

CVE•added 2024/07/22 9:15 a.m.•36 views

CVE-2024-37265

6.5CVSS6.4AI score0.00064EPSS

CVE•added 2024/10/06 12:15 p.m.•32 views

CVE-2024-44041

5.9CVSS6.1AI score0.00062EPSS