3 matches found
CVE-2023-6985
The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with...
CVE-2023-6985
The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with...
WordPress 10Web AI Assistant Plugin <= 1.0.18 is vulnerable to Broken Access Control
Software 10Web AI Assistant Type Plugin Vulnerable versions = 1.0.18 Fixed in 1.0.19 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6985 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 64e97c95dab3 Credits Krzysztof Zając...