CVE-2024-10078 - Drupal Plugin Unauthorized Access

1 month ago 13
ARTICLE AD BOX
CVE ID : CVE-2024-10078
Published : Oct. 18, 2024, 8:15 a.m. | 24 minutes ago
Description : The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to add, modify, or delete plugin options and posts.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article