Starter Templates <= 3.2.5 - Incorrect Authorization

2023-11-2400:00:00

wpscan.com

wordpress

starter templates

vulnerability

unauthorized access

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Description The Starter Templates (free and premium) plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect capability check on the sse_import() function in versions up to, and including, 3.2.5. This makes it possible for authenticated attackers, with contributor-level access and above, to import plugin/template data.