← Back

Wp Force Ssl

wp_force_ssl

Vendor: Webfactoryltd • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-5770
1Webfactoryltd
1Wp Force Ssl
Apr 8, 2026
Jun 8, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting' function in versions up to, and including, 1.66....Show more
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permissions and above, to update the plugin settings.Show less