CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56271 – WordPress WP SecureSubmit plugin <= 1.5.16 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-56271
03 Jan 2025 — Missing Authorization vulnerability in SecureSubmit WP SecureSubmit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SecureSubmit: from n/a through 1.5.16. Vulnerabilidad de autorización faltante en SecureSubmit WP SecureSubmit permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a WP SecureSubmit: desde n/a hasta 1.5.16. The WP SecureSubmit plugin for WordPress is vulnerable to unauthorized access due to a... • https://patchstack.com/database/wordpress/plugin/securesubmit/vulnerability/wordpress-wp-securesubmit-plugin-1-5-16-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56270 – WordPress WP SecureSubmit plugin <= 1.5.16 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-56270
03 Jan 2025 — Missing Authorization vulnerability in SecureSubmit WP SecureSubmit.This issue affects WP SecureSubmit: from n/a through 1.5.16. The WP SecureSubmit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.16. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/securesubmit/vulnerability/wordpress-wp-securesubmit-plugin-1-5-16-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •