National Cyber Warfare Foundation (NCWF)

CVE-2023-0551


0 user ratings
2023-08-20 16:02:08
milo
CVEs

 - archive -- 
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments

CVE-2023-0551
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0551
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments
2023-08-16T12:15:12Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0551


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
CVEs



Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.