Lucene search
K

5 matches found

Patchstack
Patchstack
added 2023/11/06 12:0 a.m.8 views

WordPress MStore API Plugin <= 4.10.7 is vulnerable to Privilege Escalation

Software MStore API Type Plugin Vulnerable versions = 4.10.7 Fixed in 4.10.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-3277 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 30d740e716a7 Credits Truoc Phan ...

9.8CVSS6.6AI score0.02888EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2023/11/03 3:23 p.m.3 views

CVE-2023-3277

creationtimestamp| type| source ---|---|--- 2023-11-03 15:23:19+00:00| seen| https://t.me/cibsecurity/73514 2025-11-30 01:24:18+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-3277.yaml 2025-12-01 21:02:36+00:00| seen|...

9.8CVSS8.7AI score0.02888EPSS
Exploits0References3
NVD
NVD
added 2023/11/03 12:15 p.m.12 views

CVE-2023-3277

The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's...

9.8CVSS9AI score0.02888EPSS
Exploits0References3
OSV
OSV
added 2023/11/03 12:15 p.m.2 views

CVE-2023-3277

The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's...

9.8CVSS5.8AI score0.02888EPSS
Exploits0References2
CVE
CVE
added 2023/11/03 11:29 a.m.104 views

CVE-2023-3277

CVE-2023-3277 affects the WordPress MStore API plugin (versions

9.8CVSS7.2AI score0.02888EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder