CVE-2023-5506 in ImageMapper Plugininformação

Sumário

de MITRE • 07/11/2023

The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsável

Wordfence

Reservar

10/10/2023

Divulgação

07/11/2023

Moderação

aceite

Entrada

VDB-244587

CPE

pronto

EPSS

0.00403

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!