Ideapush

ideapush

Vendor: Northernbeacheswebsites • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-24607 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Feb 14, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in Northern Beaches Websites IdeaPush ideapush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through <= 8.71.
CVE-2023-48774 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Dec 9, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.
CVE-2024-11844 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Dec 3, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71. This make...Show more The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the idea_push_taxonomy_save_routine function in all versions up to, and including, 8.71. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete terms for the "boards" taxonomy.Show less
CVE-2024-49275 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Oct 20, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Northern Beaches Websites IdeaPush ideapush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through <= 8.69.
CVE-2024-44041 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Oct 6, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Northern Beaches Websites IdeaPush ideapush allows Stored XSS.This issue affects IdeaPush: from n/a through <= 8.66.
CVE-2024-37265 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Jul 22, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.60.
CVE-2024-37461 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Jul 21, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65.
CVE-2023-47181 1Northernbeacheswebsites 1Ideapush Jun 17, 2026 Nov 8, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <= 8.52 versions.