Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:45CA5775-A5E6-44D8-97A8-E75238F702A5
HistoryJan 24, 2024 - 12:00 a.m.

GS Pins for Pinterest Lite < 1.8.1 - Missing Authorization via _update_shortcode

2024-01-2400:00:00
wpscan.com
4
pinterest lite
vulnerability
missing authorization
update shortcode
data modification
authenticated attackers

6.8 Medium

AI Score

Confidence

High

JSON

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check and a misconfigured nonce check on the _update_shortcode function, allowing authenticated attackers, with subscriber access and above, to update the plugin’s shortcodes.

CPENameOperatorVersion
eq1.8.1

6.8 Medium

AI Score

Confidence

High

JSON