3 matches found
WordPress Go Pricing Plugin <= 3.3.19 is vulnerable to Broken Access Control
Software Go Pricing Type Plugin Vulnerable versions = 3.3.19 Fixed in 3.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2494 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 71975662f90e Credits Lana Codes Required privilege...
CVE-2023-2494
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processpostdata' function in versions up to, and including, 3.3.19. This makes it possible for authenticated attackers with a role...
CVE-2023-2494
CVE-2023-2494 affects the Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress. Vulnerable in versions up to 3.3.19 due to a missing capability check in the function process_postdata, enabling authenticated attackers (with a role granted access to the plugin) to modify access to ...