ByteOS Network

maantheme

Source -

ADPNVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2024-50487

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-9.8||CRITICAL

EPSS-0.37% / 57.99%

7 Day CHG+0.04%

Published-28 Oct, 2024 | 11:17

Updated-31 Oct, 2024 | 00:17

WordPress MaanStore API plugin <= 1.0.1 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API allows Authentication Bypass.This issue affects MaanStore API: from n/a through 1.0.1.

Vendor-maantheme MaanTheme maantheme

Product-maanstore_api MaanStore API maanstore_api

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE ID-CWE-306

Missing Authentication for Critical Function

CVE-2024-49251

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.66% / 70.09%

7 Day CHG~0.00%

Published-16 Oct, 2024 | 13:27

Updated-16 Oct, 2024 | 16:38

WordPress Maan Addons For Elementor plugin <= 1.0.1 - Local File Inclusion vulnerability

: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maantheme Maan Addons For Elementor allows Local Code Inclusion.This issue affects Maan Addons For Elementor: from n/a through 1.0.1.

Vendor-Maantheme maantheme

Product-Maan Addons For Elementor maan_addons_for_elementor

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')