Lucene search
Ooohboi Steroids For Elementor ProjectOoohboi Steroids For Elementor
2 matches found
CVE-2023-0336
The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber to delete attachment.
6.5CVSS6.7AI score0.00072EPSS
Web
CVE-2023-1169
The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'file_uploader_callback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...
4.3CVSS4.4AI score0.00086EPSS