WordPress ContentStudio Plugin < 1.2.6 is vulnerable to Bypass Vulnerability

Software ContentStudio Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A5: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-0558 Patch priority Low CVSS severity Low 7.3 Developer Claim ownership PSID 9617386e7fb6 Credits Chloe Chamberland Required privileg...

WordPress ContentStudio Plugin < 1.2.6 is vulnerable to Sensitive Data Exposure

Software ContentStudio Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0557 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID fbef17e08b06 Credits Chloe Chamberland Requir...

CVE-2023-0558

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper...

CVE-2023-0556

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

CVE-2023-0557

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

Authorization

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

Design/Logic Flaw

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

CVE-2023-0557 ContentStudio <= 1.2.5 - Information Exposure

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts...

CVE-2023-0556

The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata via the function cstugetmetadata that...

WordPress plugin ContentStudio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2023-16360

Name of the Vulnerable Software and Affected Versions ContentStudio plugin for WordPress versions prior to 1.2.5 Description The issue is related to authorization bypass due to a missing capability check on several functions. This allows unauthenticated attackers to obtain blog metadata, includin...

WordPress plugin ContentStudio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...