3 matches found
CVE-2022-38135
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...
Improper access control
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...
CVE-2022-38135
CVE-2022-38135 concerns Dean Oakley’s Photospace Gallery WordPress plugin, affected up to version 2.3.5. The flaw is a Broken Access Control where users with a subscriber or higher role can change plugin settings, indicating missing authorization checks on settings updates. Affected: Photospace G...