[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzp-cVnAFJ8m1bshfEWr_HftZHgg1cLpyivbz4mhcuhw":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":9,"research_verified":22,"research_rounds_completed":23,"research_plan":9,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":9,"research_started_at":9,"research_completed_at":9,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":22,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":22,"source_links":24},"WF-e3702936-9ae2-4efb-bdfe-9e1dfceb246b-protect-uploads","protect-uploads-authorization-bypass","Protect uploads \u003C= 0.3 - Authorization Bypass","The Protect uploads plugin for WordPress failed to use a capability check and leaked the nonce necessary to save changes in the protect-uploads-admin-settings-page.php file. This meant that attackers able to successfully load this file in the context of WordPress, such as through a separate local file inclusion vulnerability, could save changes to the plugin settings. Note that while the file did allow direct access, this was not sufficient to obtain sensitive information or make changes on its own.","protect-uploads",null,"\u003C=0.3","0.4","medium",4.8,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Authorization","2022-08-13 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe3702936-9ae2-4efb-bdfe-9e1dfceb246b?source=api-prod",528,[],false,0,{"type":25,"vulnerable_version":9,"fixed_version":9,"vulnerable_browse":9,"vulnerable_zip":9,"fixed_browse":9,"fixed_zip":9,"all_tags":26},"plugin","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fprotect-uploads\u002Ftags"]