3 matches found
CVE-2023-2716
The Groundhogg plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'ajaxuploadfile' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers, with subscriber-level access...
WordPress Groundhogg Plugin <= 2.7.9.8 is vulnerable to Broken Access Control
Software Groundhogg Type Plugin Vulnerable versions = 2.7.9.8 Fixed in 2.7.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2716 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 35a3839f18ce Credits Lana Codes Required...
CVE-2023-2716
CVE-2023-2716 pertains to the Groundhogg WordPress plugin. Versions