5 matches found
CVE-2023-5352
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...
WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Broken Access Control
Software Awesome Support Type Plugin Vulnerable versions 6.1.5 Fixed in 6.1.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-5352 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07a73880431c Credits Krzysztof Zając CERT PL Required...
CVE-2023-5352
The CVE-2023-5352 entry relates to the WordPress plugin Awesome Support prior to version 6.1.5, where an insufficient authorization check in the wpas_edit_reply function allows a user to edit posts for which they lack permission. Affected versions are prior to 6.1.5; the issue is documented with ...
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...