Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/06/05 12:0 a.m.14 views

WordPress VK Blocks Plugin <= 1.57.0.5 is vulnerable to Broken Access Control

Software VK Blocks Type Plugin Vulnerable versions = 1.57.0.5 Fixed in 1.57.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0583 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 16379aba277f Credits Ramuel Gall Required privilege...

4.3CVSS6.5AI score0.00544EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/06/03 2:15 a.m.24 views

CVE-2023-0583

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updatevkblocksoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change plugin settings including default icons...

4.3CVSS4.5AI score0.00544EPSS
Exploits0References3
CVE
CVE
added 2023/06/03 1:59 a.m.54 views

CVE-2023-0583

The CVE-2023-0583 entry concerns the VK Blocks plugin for WordPress. Affected component: REST endpoint for updating settings (update_vk_blocks_options). Root cause: improper authorization enabling attackers with contributor-level permissions or higher to change plugin settings, including default ...

4.3CVSS4.8AI score0.00544EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/06/03 1:59 a.m.28 views

CVE-2023-0583 VK Blocks <= 1.57.0.5 - Authenticated(Contributor+) Settings Update

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updatevkblocksoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change plugin settings including default icons...

4.3CVSS4.8AI score0.00544EPSS
Exploits0References3
Rows per page
Query Builder