cleantalk
Vulnerabilities and Security Researches

Load More Anything, 6b946ad178fdf132c2a039c6c7e104487b2ab9cb

CVE, Research URL

6b946ad178fdf132c2a039c6c7e104487b2ab9cb

Home page URL

Security reports for Load More Anything

Application

Load More Anything

Published on
-
Research Description
Load More Anything [ajax-load-more-anything] < 3.3.4 WordPress Load More Anything Plugin <= 3.3.3 is vulnerable to Broken Access Control No patched version is available. Elliot discovered and reported this Broken Access Control vulnerability in WordPress Load More Anything Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet. This vulnerability was reported to and published by Patchstack. Our users receive alerts and protections up to 48 hours in advance. Have additional information or questions about this entry? Get in touch.
Affected versions
Min -, max 3.3.4.
Status
vulnerable
Previous vulnerability researches
Load More Anything (CVE-2024-32110) , Jun 07, 2024
Load More Anything (6b946ad178fdf132c2a039c6c7e104487b2ab9cb) , Jun 07, 2024
Load More Anything (CVE-2024-24704) , Jun 10, 2024
WordPress Infinite Scroll &#8211; Ajax Load More (CVE-2024-8505) , Oct 02, 2024
WordPress Infinite Scroll &#8211; Ajax Load More (CVE-2022-2433) , Jun 06, 2024
New vulnerability
WP SEO Structured Data Schema (CVE-2025-4127) , May 09, 2025
Content Control &#8211; The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks &amp; More (CVE-2025-47501) , May 09, 2025
CBX Map for Google Map &amp; OpenStreetMap (CVE-2025-47669) , May 09, 2025
Bold Page Builder (CVE-2025-47488) , May 09, 2025
Bold Page Builder (CVE-2025-47525) , May 09, 2025