3 matches found
CVE-2023-0447
The My YouTube Channel plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the clearallcache function in versions up to, and including, 3.0.12.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to clear t...
CVE-2023-0447
CVE-2023-0447 affects the WordPress plugin My YouTube Channel . The vulnerability is an authorization bypass caused by a missing capability check in the clear_all_cache function, present in versions up to and including 3.0.12.1. This could allow authenticated attackers with subscriber-level permi...
WordPress YouTube Channel Plugin <= 3.0.12.1 is vulnerable to Broken Access Control
Software YouTube Channel Type Plugin Vulnerable versions = 3.0.12.1 Fixed in 3.23.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0447 Patch priority Medium CVSS severity Medium 4.3 Developer Aleksandar Urošević PSID 5cd4c6177416 Credits WordfenceTeam...