CVE-2024-54293
- EPSS 0.32%
- Veröffentlicht 13.12.2024 15:15:33
- Zuletzt bearbeitet 13.12.2024 15:15:33
Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0.
CVE-2024-10285
- EPSS 1.03%
- Veröffentlicht 09.11.2024 03:15:04
- Zuletzt bearbeitet 29.01.2025 18:48:31
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to log in the user associated with the JWT toke...
CVE-2024-10294
- EPSS 0.32%
- Veröffentlicht 09.11.2024 03:15:04
- Zuletzt bearbeitet 29.01.2025 18:49:20
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and including, 2.2.0. This makes it possible for unaut...
CVE-2024-10284
- EPSS 0.12%
- Veröffentlicht 09.11.2024 03:15:03
- Zuletzt bearbeitet 29.01.2025 18:46:43
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attac...