2 matches found
CVE-2023-6965
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.10 with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2. This is due to the fact that the plugin allows the use of a file inclusion feature via shortcode...
WordPress Pods Plugin <= 3.0.10 is vulnerable to Broken Access Control
Software Pods Type Plugin Vulnerable versions = 3.0.10 Fixed in 3.0.10.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6965 Patch priority Low CVSS severity Low 4.3 Developer Pods Framework PSID 636da473e23f Credits Nex Team Required privilege Contributo...