CVE-2022-34867: Fix vulnerability by k1sul1 · Pull Request #54 · libreform/libreform

An unauthenticated sensitive information disclosure vulnerability in the WP Libre Form 2 plugin (<= 2.0.8) for WordPress allows attackers to list and delete submissions. Only versions 2.0.0 through 2.0.8 are affected.


@@ -25,7 +25,6 @@ public function registerSubmissionsEndpoints() { ‘callback’ => [$this, $endpoint], ‘methods’ => [‘GET’], ‘permission_callback’ => '\WPLF\currentUserIsAllowedToUse’, ‘permission_callback’ => '__return_true’, ]);
$endpoint = 'getSubmissions’; @@ -34,7 +33,6 @@ public function registerSubmissionsEndpoints() { ‘callback’ => [$this, $endpoint], ‘methods’ => [‘GET’], ‘permission_callback’ => '\WPLF\currentUserIsAllowedToUse’, ‘permission_callback’ => '__return_true’, ]);
$endpoint = 'deleteSubmissions’; @@ -43,7 +41,6 @@ public function registerSubmissionsEndpoints() { ‘callback’ => [$this, $endpoint], ‘methods’ => [‘DELETE’], ‘permission_callback’ => '\WPLF\currentUserIsAllowedToUse’, ‘permission_callback’ => '__return_true’, ]); }
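
Review bot: each of the three route arrays in registerSubmissionsEndpoints() shows two 'permission_callback' entries, '\WPLF\currentUserIsAllowedToUse' and '__return_true', and the +/- markers are missing from this rendering, so confirm that the single line each hunk removes (-25,7 +25,6 and the two hunks after it) is the '__return_true' entry. PHP keeps the last value for a duplicate array key, so with both entries present the later '__return_true' wins and the GET and DELETE routes, getSubmissions and deleteSubmissions included, accept unauthenticated requests, which matches the list-and-delete impact described for this CVE. After the change only '\WPLF\currentUserIsAllowedToUse' should remain on all three routes. A regression test that calls each route without credentials and expects a rejection would stop a duplicate key from slipping back in.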
