Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-42459: WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability - Patchstack

Auth. WordPress Options Change vulnerability in Image Hover Effects Ultimate plugin <= 9.7.1 on WordPress.

CVE
Open in Source
#vulnerability#wordpress#auth

Verified

Fixed

7.2

CVSS 3.1 score High severity

Report

Monitoring Not reported to be exploited

Vulnerable versions

<= 9.7.1

PSID

b88d2a5e1e31

Classification

Other Vulnerability Type

OWASP Top 10

A5: Broken Access Control

Required privilege

Requires high role user authentication.

Publicly disclosed

2022-10-25

Details

Auth. WordPress Options Change vulnerability discovered by Vlad Vector (Patchstack) in the WordPress Image Hover Effects Ultimate plugin (versions <= 9.7.1).

Solution

Update the WordPress Image Hover Effects Ultimate plugin to the latest available version (at least 9.7.2).

References

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE