Northernbeacheswebsites

Ideapush

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-24607

  • EPSS 0.15%
  • Veröffentlicht 14.02.2025 13:15:49
  • Zuletzt bearbeitet 23.05.2025 17:51:03

Missing Authorization vulnerability in Northern Beaches Websites IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IdeaPush: from n/a through 8.71.

5.4

CVE-2023-48774

  • EPSS 0.11%
  • Veröffentlicht 09.12.2024 13:15:33
  • Zuletzt bearbeitet 09.06.2025 19:22:58

Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.

4.3

CVE-2024-11844

  • EPSS 0.14%
  • Veröffentlicht 03.12.2024 09:15:04
  • Zuletzt bearbeitet 05.06.2025 15:47:22

The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71. This makes it possible for authenticate...

8.8

CVE-2024-49275

  • EPSS 0.2%
  • Veröffentlicht 20.10.2024 11:15:03
  • Zuletzt bearbeitet 22.10.2024 18:36:53

Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69.

4.8

CVE-2024-44041

  • EPSS 0.12%
  • Veröffentlicht 06.10.2024 12:15:03
  • Zuletzt bearbeitet 16.05.2025 20:41:16

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.66.

5.4

CVE-2024-37265

  • EPSS 0.14%
  • Veröffentlicht 22.07.2024 09:15:07
  • Zuletzt bearbeitet 21.11.2024 09:23:30

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.60.

6.1

CVE-2024-37461

  • EPSS 0.28%
  • Veröffentlicht 21.07.2024 22:15:02
  • Zuletzt bearbeitet 21.11.2024 09:23:52

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65.

4.8

CVE-2023-47181

  • EPSS 0.16%
  • Veröffentlicht 08.11.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:54

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <= 8.52 versions.