Glossary
by WordPress
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46633 | Med | 0.35 | 5.4 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2. | ||
| CVE-2024-6570 | Med | 0.34 | 5.3 | 0.00 | Jul 16, 2024 | The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with display_errors being enabled. This makes it possible for… |
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.
- risk 0.34cvss 5.3epss 0.00
The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with display_errors being enabled. This makes it possible for…