[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSoFjRWkPt3WpG_DwtYLcpu6evasUPwkF4sVlZGxn_WI":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-33594","leaky-paywall-missing-authorization-to-price-manipulation","Leaky Paywall \u003C= 4.20.8 - Missing Authorization to Price Manipulation","The Leaky Paywall plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 4.20.8. This is due to the plugin allowing the price field to be user supplied. This makes it possible for unauthenticated attackers to alter the price of memberships.","leaky-paywall",null,"\u003C=4.20.8","4.20.9","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","External Control of Assumed-Immutable Web Parameter","2024-04-25 00:00:00","2024-05-01 12:53:40",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb9f627f0-779c-4d57-a471-ce742e3a5dd5?source=api-prod",7]