Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:13 a.m.6 views

CVE-2023-4023

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger...

4.3CVSS6.7AI score0.00402EPSS
Exploits2
Circl
Circl
added 2023/08/30 6:12 p.m.6 views

CVE-2023-4023

creationtimestamp| type| source ---|---|--- 2023-08-30 18:12:44+00:00| seen| https://t.me/cibsecurity/69452...

4.3CVSS6.7AI score0.00402EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/08/30 2:22 p.m.6 views

CVE-2023-4023 All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger...

6.7AI score0.00402EPSS
Exploits2References1
CVE
CVE
added 2023/08/30 2:22 p.m.54 views

CVE-2023-4023

CVE-2023-4023 – All Users Messenger (WordPress) vulnerability : The All Users Messenger plugin (≤1.24) allows non-administrator users with Subscriber privileges to delete messages due to missing access control (IDOR). Descriptions across connected sources confirm the issue as a broken-access-cont...

4.3CVSS5AI score0.00402EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/08/09 12:0 a.m.16 views

WordPress All Users Messenger Plugin <= 1.24 is vulnerable to Broken Access Control

Software All Users Messenger Type Plugin Vulnerable versions = 1.24 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4023 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID db4d05aa5b71 Credits Dmitrii Ignatyev Required...

4.3CVSS6.5AI score0.00402EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder