Lucene search
PatchstackVULNRICHMENT:CVE-2023-49812HistoryDec 19, 2023 - 8:55 p.m.
CVE-2023-49812 WordPress WP Photo Album Plus Plugin <= 8.5.02.005 is vulnerable to Insecure Direct Object References (IDOR)
2023-12-1920:55:34
CWE-639
Patchstack
github.com
1
wordpress
photo album plus plugin
insecure direct object references
authorization bypass
cve-2023-49812
j.n. breetvelt
opajaap
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
Related
prion
prion
Authorization
2023-12-19 21:15:00
nvd
nvd
CVE-2023-49812
2023-12-19 21:15:09
cvelist
cvelist
wpvulndb
wpvulndb
WP Photo Album Plus < 8.6.01.003 - Insecure Direct Object Reference
2023-12-09 00:00:00
cve
cve
CVE-2023-49812
2023-12-19 21:15:09
wordfence
wordfence
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-49812