CVE-2023-28168

State: PUBLISHED · Published: 2024-12-09 · Updated: 2024-12-09 · Assigner: Patchstack

Description

Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through 0.3.9.

CWE

CWE-862 — CWE-862 Missing Authorization

Affected

Jerod Santo / WordPress Console — v=n/a ≤0.3.9 [affected]

CVSS

3.1 score=3.7 severity=LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

References

https://patchstack.com/database/wordpress/plugin/wordpress-console/vulnerability/wordpress-wordpress-console-plugin-0-3-9-broken-access-control-vulnerability?_s_id=cve vdb-entry

Source

cvelistV5-main/cves/2023/28xxx/CVE-2023-28168.json