6 matches found
CVE-2023-23640
Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6...
CVE-2023-23640
Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6...
CVE-2023-23640 WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation Vulnerability
Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6...
CVE-2023-23640 WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation Vulnerability
Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6...
CVE-2023-23640
The CVE-2023-23640 entry concerns the WordPress plugin MainWP UpdraftPlus Extension (versions ≤ 4.0.6). Public sources in the connected documents indicate a Broken Access Control (Missing Authorization) vulnerability that allows a Subscriber-level attacker to activate plugins arbitrarily. Patch g...
WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 is vulnerable to Broken Access Control
Software MainWP UpdraftPlus Extension Type Plugin Vulnerable versions = 4.0.6 Fixed in 4.0.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23640 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 075f06640c08 Credits Dave Jong...