4 matches found
CVE-2023-28990
creationtimestamp| type| source ---|---|--- 2024-12-13 15:44:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113646282910489753...
CVE-2023-28990
Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9...
CVE-2023-28990
CVE-2023-28990 : WordPress theme Viral Mag (versions ≤ 1.0.9) suffers a Missing Authorization flaw that enables an authenticated user withsubscriber privileges to activate plugins arbitrarily due to broken access control. The issue is classed as a Medium risk with CVSSv3.1 score 4.3 (AV:N/AC:L/PR...
WordPress Viral Mag Theme <= 1.0.9 is vulnerable to Broken Authentication
Software Viral Mag Type Theme Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-28990 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID b28f73fc2c08 Credits Dave Jong Patchstack Required...