SEO by Squirrly SEO < 12.1.21 - Missing Authorization

2023-03-1700:00:00

wpscan.com

squirrly seo

plugin

authorization

security

EPSS

Percentile

9.0%

The plugin does not check capabilities in some AJAX actions, allowing low-privileged users to perform privileged actions.

References

patchstack.com/database/vulnerability/squirrly-seo/wordpress-squirrly-seo-peaks-plugin-12-1-20-broken-access-control-vulnerability

EPSS

Percentile

9.0%

Related for WPVDB-ID:CCFB0AD0-E235-4C2A-A84B-B70E3D1A1EEB