Lucene search
WpvulndbWPVDB-ID:0561E95C-AE47-4F0D-8E37-2A1F2E73B5D8HistoryDec 09, 2023 - 12:00 a.m.
WP Photo Album Plus < 8.6.01.003 - Insecure Direct Object Reference
2023-12-0900:00:00
wpscan.com
10
wordpress
plugin
vulnerable
insecure direct object reference
unauthenticated attacker
Description The WP Photo Album Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.5.02.005 due to missing validation on a user controlled key. This makes it possible for unauthenticated attacker to perform an unauthorized action base don a user controlled key.
Related
prion
prion
Authorization
2023-12-19 21:15:00
nvd
nvd
CVE-2023-49812
2023-12-19 21:15:09
cvelist
cvelist
cve
cve
CVE-2023-49812
2023-12-19 21:15:09
vulnrichment
vulnrichment
wordfence
wordfence
AI Score
7.8
Confidence
High
EPSS
0.001
Percentile
37.2%
Related for WPVDB-ID:0561E95C-AE47-4F0D-8E37-2A1F2E73B5D8