Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-6824

Disclosure Date: January 16, 2024 (last updated January 24, 2024)
The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0