Descrição
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX in all versions up to, and including, 1.3.8. This makes it possible for authenticated attackers to modify plugin settings as well as allowing full read/write/delete access to the Google Drive associated with the plugin.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2024-2086
Tags
Nâo informado
Data de publicação
30/03/2024
Última atualização
08/12/2024
Pontuação em CVSS 3.0
10
Crítico