Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2023-7268
HistoryJul 19, 2024 - 6:00 a.m.

CVE-2023-7268 ArtPlacer Widget < 2.21.2 - Subscriber+ Arbitrary Widget Deletion

2024-07-1906:00:04
WPScan
www.cve.org
5
cve-2023-7268
artplacer widget
wordpress plugin
arbitrary widget deletion
authorisation check
authenticated users
subscriber

EPSS

0

Percentile

9.3%

JSON

The ArtPlacer Widget WordPress plugin before 2.21.2 does not have authorisation check in place when deleting widgets, allowing ay authenticated users, such as subscriber, to delete arbitrary widgets

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "ArtPlacer Widget",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "2.21.2"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

vulnrichment 1
cve 1
nvd 1
vulnrichment
vulnrichment
CVE-2023-7268 ArtPlacer Widget < 2.21.2 - Subscriber+ Arbitrary Widget Deletion
2024-07-19 06:00:04
cve
cve
CVE-2023-7268
2024-07-19 06:15:02
nvd
nvd
CVE-2023-7268
2024-07-19 06:15:02

EPSS

0

Percentile

9.3%

JSON
Related for CVELIST:CVE-2023-7268
vulnrichment1cve1nvd1