WordPress Plugin Vulnerabilities
Health Check & Troubleshooting < 1.2.4 - Missing Authorization Checks
Description
The plugin is missing capability checks in several AJAX actions, allowing users with a role as low as Subscriber to perform privileged actions.
Affects Plugins
Classification
Type
NO AUTHORISATION
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Julien Legras
Verified
No
WPVDB ID
Timeline
Publicly Published
2022-12-05 (about 1 years ago)
Added
2023-05-25 (about 11 months ago)
Last Updated
2023-05-25 (about 11 months ago)