Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2024/04/15 12:0 a.m.11 views

WordPress Inline Related Posts Plugin < 3.6.0 is vulnerable to Broken Access Control

Software Inline Related Posts Type Plugin Vulnerable versions 3.6.0 Fixed in 3.6.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6257 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c2f0b627f547 Credits Krzysztof Zając CERT PL...

6.9AI score0.00451EPSS
Exploits2References4Affected Software1
Circl
Circl
added 2024/04/13 1:40 a.m.7 views

CVE-2023-6257

creationtimestamp| type| source ---|---|--- 2024-04-13 01:40:37+00:00| seen| https://t.me/arpsyndicate/4625...

4.3CVSS8.7AI score0.00451EPSS
Exploits2References1
NVD
NVD
added 2024/04/11 5:15 a.m.21 views

CVE-2023-6257

The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts...

4.3CVSS6.4AI score0.00451EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/11 5:0 a.m.12 views

CVE-2023-6257 Inline Related Posts < 3.6.0 - Subscriber+ Password Protected Post Read

The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts...

6.3AI score0.00451EPSS
Exploits2References1
Rows per page
Query Builder