Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.7 views

CVE-2023-5454

The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...

7.5CVSS6.9AI score0.00608EPSS
Exploits2References1
Circl
Circl
added 2025/02/26 9:25 p.m.7 views

CVE-2023-5454

creationtimestamp| type| source ---|---|--- 2025-02-26 21:25:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5610...

7.5CVSS7.9AI score0.00608EPSS
Exploits2References1
OSV
OSV
added 2023/11/06 9:15 p.m.3 views

CVE-2023-5454

The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...

7.5CVSS7.4AI score0.00608EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/11/06 8:40 p.m.10 views

CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization

The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...

7.6AI score0.00608EPSS
Exploits2References1
CVE
CVE
added 2023/11/06 8:40 p.m.61 views

CVE-2023-5454

The CVE concerns the WordPress plugin Templately (versions prior to 2.2.6). Affected component: the saved-templates/delete REST API endpoint. Root cause: improper authorization allows unauthenticated users to perform delete operations. Impact: potential arbitrary post deletion due to missing acce...

7.5CVSS7.7AI score0.00608EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/11/06 8:40 p.m.32 views

CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization

The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...

7.7AI score0.00608EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/10/18 12:0 a.m.19 views

WordPress Templately Plugin < 2.2.6 is vulnerable to Broken Access Control

Software Templately Type Plugin Vulnerable versions 2.2.6 Fixed in 2.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5454 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d43e1c889b21 Credits Krzysztof Zając CERT PL Require...

7.5CVSS6.4AI score0.00608EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder