Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:21 a.m.11 views

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

4.3CVSS6.8AI score0.00507EPSS
Exploits2References1
NVD
NVD
added 2023/07/10 4:15 p.m.16 views

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

4.3CVSS4.8AI score0.00507EPSS
Exploits2References1
CVE
CVE
added 2023/07/10 12:41 p.m.2491 views

CVE-2023-3131

CVE-2023-3131 affects the MStore API WordPress plugin prior to version 3.9.7. The vulnerability arises because most AJAX actions are not protected by privilege checks or nonce validation, enabling unauthorized actions such as modifying settings. Public references describe practical proof-of-conce...

4.3CVSS4.6AI score0.00507EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/10 12:41 p.m.13 views

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

7.2AI score0.00507EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/10 12:41 p.m.15 views

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

5.1AI score0.00507EPSS
Exploits2References1
Rows per page
Query Builder