2 matches found
CVE-2023-6637
CVE-2023-6637 affects the CAOS | Host Google Analytics Locally WordPress plugin. A missing capability check in the update_settings function (vulnerable through 4.7.14) allows unauthenticated attackers to modify plugin settings. The issue originates from broken access control in updating settings,...
WordPress CAOS | Host Google Analytics Locally Plugin <= 4.7.14 is vulnerable to Broken Access Control
Software CAOS | Host Google Analytics Locally Type Plugin Vulnerable versions = 4.7.14 Fixed in 4.7.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6637 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 62929a294e3e Credits...