4 matches found
CVE-2023-6369
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...
CVE-2023-6369
CVE-2023-6369 affects the WordPress plugin “Export WP Page to Static HTML/CSS” up to version 2.1.9. Root cause: missing capability checks on multiple AJAX actions, enabling authenticated users with subscriber-level access and above to access data or perform unauthorized actions (e.g., saving adva...
CVE-2023-6369 Export WP Page to Static HTML/CSS <= 2.1.9 - Missing Authorization via Multiple AJAX Actions
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...
WordPress Export WP Page to Static HTML/CSS Plugin <= 2.1.9 is vulnerable to Broken Access Control
Software Export WP Page to Static HTML/CSS Type Plugin Vulnerable versions = 2.1.9 Fixed in 2.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6369 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID fad061a3db6e Credits Alex Thomas...