CVE-2023-47762

CVE-2023-47762 affects WordPress BetterDocs plugin up to version 2.5.2, due to Missing Authorization via AJAX actions. Impact: unauthorized modification of documents for authenticated users with subscriber+ privileges (per Patchstack). Mitigation: upgrade to version 2.5.3 or later where fix is ap...

CVE-2024-30226

CVE-2024-30226 affects the WordPress WPDeveloper BetterDocs plugin up to version 3.3.3. The vulnerability is due to deserialization of untrusted data, enabling PHP Object Injection and unauthenticated exploitation. Affects BetterDocs components handling untrusted input; PatchStack and related sou...

CVE-2024-43129

CVE-2024-43129 affects the WordPress plugin BetterDocs (affected versions: n/a up to 3.5.8) and involves an authenticated Local File Inclusion via path traversal in BetterDocs. The root cause is improper limitation of a pathname to a restricted directory. The vulnerability is documented with a pa...

CVE-2024-43227

CVE-2024-43227 affects the WordPress plugin BetterDocs. Public details in connected docs indicate an Authenticated (Contributor+) Local File Inclusion in BetterDocs versions up to 3.5.8, with patch/status noted as patched in the Wordfence entry. Public exploitation specifics are not provided in t...