6 matches found
CVE-2023-0551
creationtimestamp| type| source ---|---|--- 2023-08-16 16:50:29+00:00| seen| https://t.me/cibsecurity/68641...
CVE-2023-0551
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...
CVE-2023-0551
The CVE CVE-2023-0551 affects the WordPress plugin REST API TO MiniProgram (through 4.6.1). The vulnerability is due to missing authorization checks and CSRF protection in an AJAX action, allowing any authenticated user (e.g., subscriber) to call and delete arbitrary attachments. Connected source...
CVE-2023-0551 REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...
CVE-2023-0551 REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion
The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...
WordPress REST API TO MiniProgram Plugin <= 4.6.9 is vulnerable to Arbitrary Content Deletion
Software REST API TO MiniProgram Type Plugin Vulnerable versions = 4.6.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2023-0551 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 319d19ca8dfe Credits Lana Codes Requir...