CVE-2023-5506 in ImageMapper Plugininformazioni

Riassunto

di MITRE • 07/11/2023

The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsabile

Wordfence

Prenotare

10/10/2023

Divulgazione

07/11/2023

Moderazione

accettato

CPE

pronto

EPSS

0.00403

KEV

no

Attività

molto basso

Fonti

Want to know what is going to be exploited?

We predict KEV entries!