Vulnerabilities > 10Web > WPS Telegram Chat

DATE CVE VULNERABILITY TITLE RISK
2024-10-25 CVE-2024-9628 Missing Authorization vulnerability in 10Web WPS Telegram Chat
The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Wps_Telegram_Chat_Admin::check?onnection' function in versions up to, and including, 4.5.4.
network
low complexity
10web CWE-862
6.5
6.5
2024-10-25 CVE-2024-9630 Missing Authorization vulnerability in 10Web WPS Telegram Chat
The WPS Telegram Chat plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when accessing messages in versions up to, and including, 4.5.4.
network
low complexity
10web CWE-862
5.3
5.3