Wp Extended Security Vulnerabilities and Issues — Wp Extended CVE List

Lucene search

WpextendedWp Extended

3 matches found

CVE•added 2025/02/12 4:15 a.m.•47 views

CVE-2024-13554

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the reorder_route() function in all versions up to, and including, 3.0.13. This makes it possible for unauthenticated attackers to reorder po...

5.3CVSS5.1AI score0.00071EPSS

CVE•added 2024/09/04 7:15 a.m.•39 views

CVE-2024-8123

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.8 via the duplicate_post function due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...

5.4CVSS5.6AI score0.00126EPSS

CVE•added 2024/09/04 7:15 a.m.•36 views

CVE-2024-8121

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpext_change_admin_name() function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers,...

5.4CVSS4.9AI score0.00126EPSS