CVE-2023-25068

Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13...

CVE-2023-25068

Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13...

WordPress plugin Magazine Edge 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2023-25068 WordPress Magazine Edge theme <= 1.13 - Authenticated Arbitrary Plugin Activation

Missing Authorization vulnerability in Mapro Collins Magazine Edge magazine-edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through = 1.13...

CVE-2023-25068

CVE-2023-25068 pertains to WordPress Magazine Edge theme

CVE-2023-25068 WordPress Magazine Edge theme <= 1.13 - Authenticated Arbitrary Plugin Activation

Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13...

EUVD-2023-29047

Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13...

PT-2025-52566

Name of the Vulnerable Software and Affected Versions Mapro Collins Magazine Edge versions through 1.13 Description An authorization issue exists in Mapro Collins Magazine Edge due to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendation...

WordPress Magazine Edge Theme <= 1.13 is vulnerable to Broken Authentication

Software Magazine Edge Type Theme Vulnerable versions = 1.13 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-25068 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 9064016ee308 Credits Dave Jong Patchstack Required...

Magazine Edge <= 1.13 - Subscriber+ Arbitrary Plugin Activation

The theme does not have authorisation and CSRF when activating plugins via an AJAX action, allowing any authenticated users, such as subscriber to activate arbitrary plugins Run the below command in the developer console of the web browser while being on the blog as a subscriber user...

Magazine Edge <= 1.13 - Subscriber+ Arbitrary Plugin Activation

The theme does not have authorisation and CSRF when activating plugins via an AJAX action, allowing any authenticated users, such as subscriber to activate arbitrary plugins PoC Run the below command in the developer console of the web browser while being on the blog as a subscriber user...