CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21743 – WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-21743
Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This issue affects Houzez Login Register: from n/a through 3.2.5. The Quiz Maker plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 6.5.1.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions. • https://patchstack.com/database/vulnerability/houzez-login-register/wordpress-houzez-login-register-plugin-3-2-5-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23985 – WordPress Quiz Maker plugin <= 6.3.9.4 - Content Spoofing
https://notcve.org/view.php?id=CVE-2023-23985
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4. Vulnerabilidad de autorización faltante en el equipo de Quiz Maker Quiz Maker. Este problema afecta a Quiz Maker: desde n/a hasta 6.3.9.4. The Quiz Maker plugin for WordPress is vulnerable to content spoofing in versions up to, and including 6.3.9.4. This makes it possible for unauthenticated attackers to inject content that may alter the content and display of select pages. • https://patchstack.com/database/vulnerability/quiz-maker/wordpress-quiz-maker-plugin-6-3-9-4-content-spoofing?_s_id=cve • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-862: Missing Authorization •