Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:31 a.m.4 views

CVE-2023-1169

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'fileuploadercallback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...

4.3CVSS7.1AI score0.00573EPSS
Exploits0References1
NVD
NVD
added 2023/06/09 6:15 a.m.21 views

CVE-2023-1169

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'fileuploadercallback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...

4.3CVSS4.4AI score0.00573EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.34 views

CVE-2023-1169 OoohBoi Steroids for Elementor <= 2.1.4 - Missing Authorization leading to Authenticated (Subscriber+) Image Upload

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'fileuploadercallback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...

4.3CVSS6.6AI score0.00573EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/09 5:33 a.m.18 views

CVE-2023-1169 OoohBoi Steroids for Elementor <= 2.1.4 - Missing Authorization leading to Authenticated (Subscriber+) Image Upload

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'fileuploadercallback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...

4.3CVSS4.8AI score0.00573EPSS
Exploits0References3
CVE
CVE
added 2023/06/09 5:33 a.m.42 views

CVE-2023-1169

CVE-2023-1169 affects the WordPress plugin OoohBoi Steroids for Elementor . The root cause is a missing capability check in the function file_uploader_callback , allowing an unauthorised user with subscriber privileges to upload image attachments. Affected versions are up to and including 2.1.4 ;...

4.3CVSS4.4AI score0.00573EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.11 views

WordPress OoohBoi Steroids for Elementor Plugin <= 2.1.4 is vulnerable to Broken Access Control

Software OoohBoi Steroids for Elementor Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1169 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 71712d3348d5 Credits Ramuel Ga...

4.3CVSS6.8AI score0.00573EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder