Page 2 of 6 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress. Una vulnerabilidad de cambio de opciones no autenticada en el plugin Accordions de Biplob Adhikari versiones anteriores a 2.0.2 incluyéndola, en WordPress The Accordions plugin for WordPress is vulnerable to arbitrary options update in versions up to, and including, 2.0.2. This is due to insufficient capability checking and option validation. This makes it possible for unauthenticated attackers to modify arbitrary options on the site and can be used for complete site takeover. • https://patchstack.com/database/vulnerability/accordions-or-faqs/wordpress-accordions-plugin-2-0-2-unauthenticated-wordpress-options-change-vulnerability https://wordpress.org/plugins/accordions-or-faqs/#developers • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •