2 matches found
CVE-2023-5251
The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'gridplussavelayoutcallback' and 'gridplusdeletecallback' functions in versions up to, and including, 1.3.2. This makes it possible for authenticated...
CVE-2023-5251
The CVE-2023-5251 entry concerns the Grid Plus WordPress plugin. The issue is a missing capability check in grid_plus_save_layout_callback and grid_plus_delete_callback, affecting versions up to and including 1.3.2. This allows authenticated users with subscriber privileges or higher to add, upda...