Manage Notification E-mails < 1.8.6 - Missing Authorization

2023-12-0800:00:00

wpscan.com

wordpress

vulnerable

authorization

settings

unauthenticated

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.7%

JSON

Description The Manage Notification E-mails plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.8.5 via the card_famne_export_settings function. This makes it possible for unauthenticated attackers to obtain plugin settings.