2 matches found
CVE-2023-5714
CVE-2023-5714 : The WordPress plugin System Dashboard is vulnerable up to version 2.8.7 due to a missing capability check in the Ajax-hooked function sd_db_specs(), allowing authenticated users with subscriber-level access and above to retrieve data key specs. Reports from NVD and Wordfence align...
WordPress System Dashboard Plugin <= 2.8.7 is vulnerable to Broken Access Control
Software System Dashboard Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5714 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8dbbe0b8bc02 Credits Dmitrii Ignatyev Required...