Watchtower Security Vulnerabilities and Issues — Watchtower CVE List

Lucene search

WatchtowerhqWatchtower

3 matches found

CVE•added 2022/11/18 11:15 p.m.•64 views

CVE-2022-44583

Unauth. Arbitrary File Download vulnerability in WatchTowerHQ plugin

7.5CVSS7.5AI score0.00217EPSS

CVE•added 2022/11/18 11:15 p.m.•63 views

CVE-2022-44584

Unauth. Arbitrary File Deletion vulnerability in WatchTowerHQ plugin

9.1CVSS9.3AI score0.00166EPSS

CVE•added 2024/10/26 3:15 a.m.•36 views

CVE-2024-9933

The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.6. This is due to the 'watchtower_ota_token' default value is empty, and the not empty check is missing in the 'Password_Less_Access::login' function. This makes it possible for unauth...

9.8CVSS9.7AI score0.48851EPSS