CVE-2023-2545
- EPSS 0.12%
- Veröffentlicht 31.05.2023 03:15:09
- Zuletzt bearbeitet 21.11.2024 07:58:48
The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authen...
CVE-2023-2547
- EPSS 0.05%
- Veröffentlicht 31.05.2023 03:15:09
- Zuletzt bearbeitet 21.11.2024 07:58:48
The Feather Login Page plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteUser' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticate...
CVE-2023-2549
- EPSS 0.12%
- Veröffentlicht 31.05.2023 03:15:09
- Zuletzt bearbeitet 21.11.2024 07:58:48
The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possib...