82 matches found
LadiApp <= 4.4 - Missing Authorization
Description The plugin is vulnerable to unauthorized access of data, modification of data, or loss of data due to a missing capability check on an unknown function This makes it possible for authenticated attackers, with subscriber-level access and above, to make use of the unprotected...
WordPress LadiApp Plugin <= 4.4 is vulnerable to Broken Access Control
Software LadiApp Type Plugin Vulnerable versions = 4.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-49158 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d4f5b16a2edf Credits Truoc Phan Required privilege Subscribe...