CVE-2023-2715
CVE-2023-2715 concerns the Groundhogg WordPress plugin. Public records show vulnerable versions up to 2.7.9.8 where a missing capability check in the submit_ticket function can allow an authenticated user to modify data or create an admin account via a ticket that includes site data and a login l...