3 matches found
CVE-2023-25446
Missing Authorization vulnerability in HappyFiles HappyFiles Pro happyfiles-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1...
CVE-2023-25446
CVE-2023-25446 affects HappyFiles Pro (WordPress plugin) and stems from Missing Authorization / Broken Access Control, allowing arbitrary file deletion. Vulnerable versions:
WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Arbitrary File Deletion
Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2023-25446 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 9c01f634cec4 Credits Dave Jong Patchstack...