Lucene search

CVE-2023-1865

🗓️ 05 Apr 2023 14:07:15Reported by WordfenceType

YourChannel plugin for WordPress allows unauthorized data loss via missing capability check in version 1.2.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2023-1865	5 Apr 202313:22	–	cvelist
Prion	Design/Logic Flaw	5 Apr 202314:15	–	prion
Patchstack	WordPress YourChannel: Everything you want in a YouTube Plugin <= 1.2.3 is vulnerable to Broken Access Control	5 Apr 202300:00	–	patchstack
Vulnrichment	CVE-2023-1865	5 Apr 202313:22	–	vulnrichment
WPVulnDB	YourChannel < 1.2.4 - Unauthenticated Settings Reset	5 Apr 202300:00	–	wpvulndb
NVD	CVE-2023-1865	5 Apr 202314:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 3, 2023 to Apr 9, 2023)	13 Apr 202312:03	–	wordfence

Nvd

Vulners

Node

plugin yourchannelRange≤1.2.3wordpress

[
  {
    "vendor": "pluginbuilders",
    "product": "YourChannel: Everything you want in a YouTube plugin.",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.2.3",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/34817e32-d5a3-403a-85f0-1d60af8945de
wordpress	www.wordpress.org/plugins/yourchannel/
plugins	www.plugins.trac.wordpress.org/browser/yourchannel/trunk/YourChannel.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Apr 2023 14:15Current

6.5Medium risk

Vulners AI Score6.5

CVSS36.5

EPSS0.00136

SSVC