Lucene search
K

4 matches found

Circl
Circl
added 2023/02/08 12:24 a.m.4 views

CVE-2023-0713

creationtimestamp| type| source ---|---|--- 2023-02-08 00:24:20+00:00| seen| https://t.me/cibsecurity/57709...

5.4CVSS6.1AI score0.00576EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/02/08 12:0 a.m.12 views

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Broken Access Control

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0713 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 74dfca7bfe3c Credits Marco Wotschka Requir...

5.4CVSS6.5AI score0.00576EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/02/07 10:15 p.m.24 views

CVE-2023-0713

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxaddfolder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this...

5.4CVSS5.2AI score0.00576EPSS
Exploits0References4
CVE
CVE
added 2023/02/07 9:5 p.m.51 views

CVE-2023-0713

CVE-2023-0713 affects the WordPress Wicked Folders plugin. The root cause is a missing capability check on the ajax_add_folder function, enabling an authenticated user with subscriber-level permissions or higher to perform administrator-level actions (modify the plugin’s folder structure). The vu...

5.4CVSS4.7AI score0.00576EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder