2 matches found
CVE-2023-6810 ClickCease Click Fraud Protection <= 3.2.4 - Improper Authorization to sensitive information exposure via get_settings
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to...
WordPress ClickCease Click Fraud Protection Plugin <= 3.2.4 is vulnerable to Sensitive Data Exposure
Software ClickCease Click Fraud Protection Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6810 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3a24e46ebbd4 Credits Francesc...