4 matches found
CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2023-2562
CVE-2023-2562 affects Gallery Metabox for WordPress. The vulnerability is a missing capability check in refresh_metabox that, in versions up to 1.5, allows subscriber-level users to obtain a list of images attached to a post. The CVE entry notes unauthorized data access as the impact; no exploita...
WordPress Gallery Metabox Plugin <= 1.5 is vulnerable to Broken Access Control
Software Gallery Metabox Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2562 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 1b3822efa9e8 Credits Marco Wotschka Required...