Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-5737

Disclosure Date: November 27, 2023 (last updated December 02, 2023)
The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0