5 matches found
CVE-2023-27428
Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3...
CVE-2023-27428
Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3...
CVE-2023-27428 WordPress WP users media plugin <= 4.2.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in DamirCalusic WP users media wp-users-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through = 4.2.3...
CVE-2023-27428
CVE-2023-27428 affects WordPress WP users media plugin, vulnerable ≤ 4.2.3 due to missing authorization/broken access control. Technical details in connected docs cite a Missing Authorization/CSRF issue on wpusme_save_settings, enabling unauthorized/settings modification for affected users. No pa...
WordPress WP users media Plugin <= 4.2.3 is vulnerable to Broken Access Control
Software WP users media Type Plugin Vulnerable versions = 4.2.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27428 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ce7db91c1c95 Credits Zlrqh Required privilege...