NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced This makes it possible for authenticated attackers, with subscriber access or higher, to delete products. This is due to missing capability checks on the woobe_bulkoperations_delete function. The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.Īuthorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass.This issue affects AYBS: before 1.0.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products. This is due to a missing capability check on the woobe_bulkoperations_swap function. This is due to a missing capability check on the woobe_bulkoperations_visibility function. Missing Authorization in GitHub repository hamza417/inure prior to build94. Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. Missing Authorization in GitHub repository hamza417/inure prior to Build95. Missing Authorization in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |