9.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Description The plugin does not have authorisation in its csv AJAX action, allowing any authenticated users, such a subscriber to export meetings and gain access to sensitive information
patchstack.com/database/vulnerability/12-step-meeting-list/wordpress-12-step-meeting-list-plugin-3-14-26-broken-access-control-vulnerability