5 matches found
CVE-2023-51355
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: from n/a through = 4.0.23...
CVE-2023-51355
creationtimestamp| type| source ---|---|--- 2024-12-09 14:46:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113623406367800496...
CVE-2023-51355
CVE-2023-51355 is a Missing Authorization vulnerability in MultiVendorX WC Marketplace (MVX) for WordPress/WooCommerce. Affected versions are MVX up to 4.0.23, with the root cause described as incorrectly configured access control security levels that allow bypassing authorization checks. Public ...
CVE-2023-51355 WordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: from n/a through = 4.0.23...
WordPress WC Marketplace Plugin <= 4.0.23 is vulnerable to Broken Access Control
Software WC Marketplace Type Plugin Vulnerable versions = 4.0.23 Fixed in 4.0.24 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-51355 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 98133d2bdac6 Credits thiennv Required privilege...