CVE-2023-46309

Medium CVSS: 5.3

Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10.

Vendor

Gvectors

Product

Wpdiscuz

CWE

CWE-862

Yayın Tarihi

2025-01-02 12:15:11

Güncelleme

2025-05-29 20:19:10

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-862 Wpdiscuz MEDIUM Gvectors 2025

Referanslar

https://patchstack.com/database/wordpress/plugin/wpdiscuz/vulnerability/wordpress-wpdiscuz-plugin-7-6-10-broken-access-control-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2026-22215

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability in the getFollowsPage() function that allows…

Medium

CVE-2026-22216

wpDiscuz before 7.6.47 contains a missing rate limiting vulnerability that allows unauthenticated attackers to subscribe…

Medium

CVE-2026-22209

wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators t…

Low

CVE-2026-22210

wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability that allows attackers to inject malicious code thro…

Medium

CVE-2026-22201

wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP() function that allows attackers to bypass IP-…

Medium

CVE-2026-22202

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments…