The Change Memory Limit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the admin_logic() function hooked via admin_init in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update the memory limit.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Dec 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Simon99
Simon99 change Memory Limit |
|
Weaknesses | CWE-862 | |
CPEs | cpe:2.3:a:simon99:change_memory_limit:1.0:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Simon99
Simon99 change Memory Limit |
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-03-05T01:56:03.764Z
Updated: 2024-08-01T18:26:30.607Z
Reserved: 2024-01-31T00:49:01.943Z
Link: CVE-2024-1093
Vulnrichment
Updated: 2024-08-01T18:26:30.607Z
NVD
Status : Analyzed
Published: 2024-03-05T02:15:25.970
Modified: 2024-12-23T17:03:58.370
Link: CVE-2024-1093
Redhat
No data.