3 matches found
WordPress Premium Packages Plugin <= 5.7.4 is vulnerable to Privilege Escalation
Software Premium Packages Type Plugin Vulnerable versions = 5.7.4 Fixed in 5.7.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-4293 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID fc8d08d3355c Credits Lana...
CVE-2023-4293 Premium Packages - Sell Digital Products Securely <= 5.7.4 - Arbitrary User Meta Update to Authenticated (Subscriber+) Privilege Escalation
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...
CVE-2023-4293
CVE-2023-4293 affects the Premium Packages – Sell Digital Products Securely WordPress plugin (versions