3 matches found
CVE-2023-22701
CVE-2023-22701 affects WordPress Ebook Store plugin (≤ 5.775). The root cause is Missing Authorization / Broken Access Control allowing unauthenticated access to ebook_store_export_orders, potentially exposing order data. NVD CVSSv3.1 base score is 9.8 (CRITICAL); patch notes indicate fix in v5.7...
CVE-2023-22701 WordPress Ebook Store plugin <= 5.775 - Broken Authentication vulnerability
Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775...
WordPress Ebook Store Plugin <= 5.775 is vulnerable to Broken Authentication
Software Ebook Store Type Plugin Vulnerable versions = 5.775 Fixed in 5.78 OWASP Top 10 A5: Broken Access Control Classification Broken Authentication CVE CVE-2023-22701 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID eb6c903602b9 Credits yuyudhn Required privilege...