CVE-2023-5506 in ImageMapper Plugin
Sumário
de MITRE • 07/11/2023
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages.
If you want to get best quality of vulnerability data, you may have to visit VulDB.