CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4746 – WordPress Netgsm plugin <= 2.9.16 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-4746
10 Jun 2024 — Missing Authorization vulnerability in Netgsm.This issue affects Netgsm: from n/a through 2.9.16. Vulnerabilidad de autorización faltante en Netgsm. Este problema afecta a Netgsm: desde n/a hasta 2.9.16. • https://patchstack.com/database/vulnerability/netgsm/wordpress-netgsm-plugin-2-9-16-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35672 – WordPress Netgsm plugin <= 2.9.19 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-35672
10 May 2024 — Missing Authorization vulnerability in Netgsm.This issue affects Netgsm: from n/a through 2.9.19. Vulnerabilidad de autorización faltante en Netgsm. Este problema afecta a Netgsm: desde n/a hasta 2.9.16. The Netgsm plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.9.32. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action. • https://patchstack.com/database/vulnerability/netgsm/wordpress-netgsm-plugin-2-9-16-broken-access-control-vulnerability-2?_s_id=cve • CWE-862: Missing Authorization •