Lucene search
+L

4 matches found

ATTACKERKB
ATTACKERKB
added 2023/07/12 5:15 a.m.4 views

CVE-2023-2562

The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...

4.3CVSS6.8AI score0.00458EPSS
Exploits0References3
NVD
NVD
added 2023/07/12 5:15 a.m.24 views

CVE-2023-2562

The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...

4.3CVSS4.3AI score0.00458EPSS
Exploits0References2
CVE
CVE
added 2023/07/12 4:38 a.m.45 views

CVE-2023-2562

CVE-2023-2562 affects Gallery Metabox for WordPress. The vulnerability is a missing capability check in refresh_metabox that, in versions up to 1.5, allows subscriber-level users to obtain a list of images attached to a post. The CVE entry notes unauthorized data access as the impact; no exploita...

4.3CVSS4.7AI score0.00458EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.14 views

WordPress Gallery Metabox Plugin <= 1.5 is vulnerable to Broken Access Control

Software Gallery Metabox Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2562 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 1b3822efa9e8 Credits Marco Wotschka Required...

4.3CVSS6.4AI score0.00458EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder