2 matches found
CVE-2023-3459
CVE-2023-3459 affects the WordPress plugin “Export and Import Users and Customers.” Vulnerable through version 2.4.1 due to a missing capability check on the hf_update_customer function invoked via AJAX. This allows an authenticated attacker with shop-manager permissions to modify user data (e.g....
WordPress Import Export WordPress Users Plugin <= 2.4.1 is vulnerable to Broken Access Control
Software Import Export WordPress Users Type Plugin Vulnerable versions = 2.4.1 Fixed in 2.4.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3459 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 1ce4b4916f80 Credits Lana Codes...