2 matches found
CVE-2024-5987
CVE-2024-5987 affects the WordPress WP Accessibility Helper (WAH) plugin. The flaw is a missing capability check in save_contrast_variations and save_empty_contrast_variations, enabling authenticated attackers with Subscriber-level access and above to modify contrast settings (edit/delete). All v...
CVE-2024-31423
CVE-2024-31423 affects the WP Accessibility Helper (WAH) plugin for WordPress, with a Missing Authorization vulnerability present in versions up to and including 0.6.2.5. Evidence from multiple sources (WAH CVE entries and enrichment notes) confirms a Broken Access Control issue enabling unauthor...