WordPress Plugin Vulnerabilities
DiveBook <= 1.1.4 - Improper Authorisation Check
Description
An authorisation issue is present in the DiveBook "Add New Dive" feature, allowing anonymous users to create a new dive entry with a crafted HTTP POST request.
Affects Plugins
References
Classification
Type
ACCESS CONTROLS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Hooper Labs
Verified
No
WPVDB ID
Timeline
Publicly Published
2020-12-09 (about 3 years ago)
Added
2020-12-09 (about 3 years ago)
Last Updated
2020-12-10 (about 3 years ago)