CVE-2023-4023
CVE-2023-4023 – All Users Messenger (WordPress) vulnerability : The All Users Messenger plugin (≤1.24) allows non-administrator users with Subscriber privileges to delete messages due to missing access control (IDOR). Descriptions across connected sources confirm the issue as a broken-access-cont...