Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.6 views

CVE-2023-27428

Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3...

5.4CVSS8.5AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.6 views

CVE-2023-27428

Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3...

5.4CVSS0.0035EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.17 views

CVE-2023-27428 WordPress WP users media plugin <= 4.2.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in DamirCalusic WP users media wp-users-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through = 4.2.3...

5.4CVSS7.3AI score0.0035EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.45 views

CVE-2023-27428

CVE-2023-27428 affects WordPress WP users media plugin, vulnerable ≤ 4.2.3 due to missing authorization/broken access control. Technical details in connected docs cite a Missing Authorization/CSRF issue on wpusme_save_settings, enabling unauthorized/settings modification for affected users. No pa...

5.4CVSS8.5AI score0.0035EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/08/28 12:0 a.m.7 views

WordPress WP users media Plugin <= 4.2.3 is vulnerable to Broken Access Control

Software WP users media Type Plugin Vulnerable versions = 4.2.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27428 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ce7db91c1c95 Credits Zlrqh Required privilege...

6.6AI score0.0035EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder