2 matches found
CVE-2023-47232
Affected software: WordPress plugin WP Affiliate Disclosure (wp-affiliate-disclosure). Vulnerability type & root cause: Broken access control exposing limited operations to subscribers due to CSRF-like issues in check_capability, as reported for versions up to 1.2.6. Impact: Unauthorized changes ...
WordPress WP Affiliate Disclosure Plugin <= 1.2.6 is vulnerable to Broken Access Control
Software WP Affiliate Disclosure Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47232 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 2924c14c37f1 Credits Abdi Pranata...