Wickedplugins

Wicked Folders

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-0715

  • EPSS 0.16%
  • Veröffentlicht 08.02.2023 02:15:07
  • Zuletzt bearbeitet 08.04.2026 19:18:02

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subs...

4.3

CVE-2023-0685

  • EPSS 0.09%
  • Veröffentlicht 08.02.2023 02:15:07
  • Zuletzt bearbeitet 08.04.2026 19:18:02

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_unassign_folders function. This makes it possible for unau...

4.3

CVE-2023-0684

  • EPSS 0.16%
  • Veröffentlicht 08.02.2023 02:15:07
  • Zuletzt bearbeitet 08.04.2026 17:16:48

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_unassign_folders function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with ...

4.3

CVE-2023-0718

  • EPSS 0.16%
  • Veröffentlicht 08.02.2023 00:15:08
  • Zuletzt bearbeitet 08.04.2026 17:16:49

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subsc...

4.3

CVE-2023-0730

  • EPSS 0.09%
  • Veröffentlicht 07.02.2023 23:15:09
  • Zuletzt bearbeitet 08.04.2026 18:17:49

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder_order function. This makes it possible for una...

4.3

CVE-2023-0727

  • EPSS 0.09%
  • Veröffentlicht 07.02.2023 23:15:09
  • Zuletzt bearbeitet 08.04.2026 18:17:48

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_delete_folder function. This makes it possible for unauthe...

4.3

CVE-2023-0723

  • EPSS 0.09%
  • Veröffentlicht 07.02.2023 23:15:09
  • Zuletzt bearbeitet 08.04.2026 19:18:03

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_move_object function. This makes it possible for unauthent...

4.3

CVE-2023-0719

  • EPSS 0.16%
  • Veröffentlicht 07.02.2023 23:15:08
  • Zuletzt bearbeitet 08.04.2026 18:17:44

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_sort_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with s...

4.3

CVE-2023-0712

  • EPSS 0.16%
  • Veröffentlicht 07.02.2023 23:15:08
  • Zuletzt bearbeitet 08.04.2026 17:16:49

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_move_object function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subsc...

4.3

CVE-2023-0728

  • EPSS 0.09%
  • Veröffentlicht 07.02.2023 22:15:11
  • Zuletzt bearbeitet 08.04.2026 18:17:49

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder function. This makes it possible for unauthent...