2 matches found
CVE-2023-2434
CVE-2023-2434 affects Nested Pages (WordPress) up to version 3.2.3. A missing capability check in the reset function allows an authenticated user with editor-level permissions or higher to reset plugin settings, causing unauthorized data loss. The impact is described as data loss risk with low CV...
WordPress Nested Pages Plugin <= 3.2.3 is vulnerable to Broken Access Control
Software Nested Pages Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2434 Patch priority Low CVSS severity Low 3.8 Developer Claim ownership PSID 26e414b00090 Credits Lana Codes Required privilege...