CVE-2024-9587 - Linkz.ai WordPress Plugin Missing Capability Check Unauthorized Data Modification

1 month ago 19
ARTICLE AD BOX
CVE ID : CVE-2024-9587
Published : Oct. 11, 2024, 1:15 p.m. | 24 minutes ago
Description : The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_linkz' function in versions up to, and including, 1.1.8. This makes it possible for authenticated attackers with contributor-level privileges or above, to update plugin settings.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article