Page 2 of 6 results (0.001 seconds)
CVSS: 8.1EPSS: %CPEs: 1EXPL: 0
CVE-2022-45841 – Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.9 - Missing Authorization
https://notcve.org/view.php?id=CVE-2022-45841
The Robo Gallery plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 3.2.9. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create articles, list posts, activate and deactivate addons and reset gallery view counts. Furthermore, several of these AJAX actions were missing Cross-Site Request Forgery Protection. • CWE-862: Missing Authorization •