cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forswiss-toolkit-for-wp swiss-toolkit-for-wp

Direction: ascending
Jun 07, 2024

Swiss Toolkit For WP # CVE-2024-5204

CVE, Research URL

CVE-2024-5204

Application

Swiss Toolkit For WP

Date
May 29, 2024
Research Description
The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contributor-level and above permissions to log in as any existing user on the site, such as an administrator.
Affected versions
Min -, max -.
Status
vulnerable
Apr 03, 2025

Swiss Toolkit For WP # CVE-2025-31546

CVE, Research URL

CVE-2025-31546

Application

Swiss Toolkit For WP

Date
Mar 31, 2025
Research Description
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0.
Affected versions
Min -, max -.
Status
vulnerable

Swiss Toolkit For WP # CVE-2025-31544

CVE, Research URL

CVE-2025-31544

Application

Swiss Toolkit For WP

Date
Mar 31, 2025
Research Description
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0.
Affected versions
Min -, max -.
Status
vulnerable