Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:300C80DC-A032-4F75-916E-37F2CFB3938D
HistoryNov 23, 2023 - 12:00 a.m.

Social proof testimonials and reviews by Repuso < 5.00 - Missing Authorization

2023-11-2300:00:00
wpscan.com
3
social proof
testimonials
reviews
repuso
wordpress
vulnerability
unauthorized access
data retrieval
ajax action
capabilities_check

6.5 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON

Description The Social proof testimonials and reviews by Repuso plugin for WordPress is vulnerable to unauthorized access of data due to missing capability checks on several functions hooked via AJAX actions in versions up to, and including, 4.97. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve information about the plugin.

CPENameOperatorVersion
eq5.00

Related

wordfence 1
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 16, 2023 to October 22, 2023)
2023-10-26 18:41:12

6.5 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON
Related for WPVDB-ID:300C80DC-A032-4F75-916E-37F2CFB3938D
wordfence1