CVE-2023-1024
The CVE-2023-1024 entry concerns the WP Meta SEO WordPress plugin, where a missing capability check in regenerateSitemaps (versions up to 4.5.3) allows authenticated subscribers to generate sitemaps. Root cause: reliance on nonce-based access control, with nonces exposed to all authenticated user...