5 matches found
CVE-2023-3131
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...
CVE-2023-3131
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...
CVE-2023-3131
CVE-2023-3131 affects the MStore API WordPress plugin prior to version 3.9.7. The vulnerability arises because most AJAX actions are not protected by privilege checks or nonce validation, enabling unauthorized actions such as modifying settings. Public references describe practical proof-of-conce...
CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...
CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...