Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.5 views

CVE-2023-28416

Missing Authorization vulnerability in Sparkle Themes Chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through 1.0.5...

4.3CVSS8AI score0.0038EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.10 views

CVE-2023-28416

Missing Authorization vulnerability in Sparkle Themes Chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through 1.0.5...

4.3CVSS0.0038EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.8 views

CVE-2023-28416 WordPress Chankhe theme <= 1.0.5 - Authenticated Arbitrary Plugin Activation vulnerability

Missing Authorization vulnerability in sparklewpthemes Chankhe chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through = 1.0.5...

4.3CVSS7.3AI score0.0038EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.42 views

CVE-2023-28416

CVE-2023-28416 affects the WordPress Chankhe theme (Sparkle Themes) up to version 1.0.5. Root cause: Missing Authorization due to incorrectly configured access control, enabling authenticated users (Subscriber) to activate plugins arbitrarily. Impact is limited to authenticated plugin-activation ...

4.3CVSS8AI score0.0038EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.23 views

CVE-2023-28416 WordPress Chankhe theme <= 1.0.5 - Authenticated Arbitrary Plugin Activation vulnerability

Missing Authorization vulnerability in Sparkle Themes Chankhe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chankhe: from n/a through 1.0.5...

4.3CVSS0.0038EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/03/15 12:0 a.m.10 views

WordPress Chankhe Theme <= 1.0.5 is vulnerable to Broken Authentication

Software Chankhe Type Theme Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-28416 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 9050e7df6a1b Credits Dave Jong Patchstack Required...

6.3AI score0.0038EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder