4 matches found
CVE-2023-47757 WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control
Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects...
CVE-2023-47757
CVE-2023-47757 affects the AWeber – Free Sign Up Form and Landing Page Builder WordPress plugin. The vulnerability is due to missing authorization and CSRF, enabling access to functionality not properly constrained by ACLs. Affected versions are listed as n/a through 7.3.9; exploitation could all...
CVE-2023-47757 WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control
Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects...
WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control
Software AWeber Type Plugin Vulnerable versions = 7.3.9 Fixed in 7.3.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47757 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID e7c43a48f73b Credits Abdi Pranata Required privilege...