4 matches found
CVE-2023-25446
Missing Authorization vulnerability in HappyFiles HappyFiles Pro happyfiles-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1...
CVE-2023-25446
creationtimestamp| type| source ---|---|--- 2025-12-21 01:21:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mahkk5empr2x 2025-12-22 11:40:35+00:00| seen| https://gist.github.com/Darkcrai86/4f98a40782c478ae504ebd799d1a4ed6...
CVE-2023-25446
CVE-2023-25446 affects HappyFiles Pro (WordPress plugin) and stems from Missing Authorization / Broken Access Control, allowing arbitrary file deletion. Vulnerable versions:
WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Arbitrary File Deletion
Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2023-25446 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 9c01f634cec4 Credits Dave Jong Patchstack...