Missing Authorization vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe to Category: from n/a through 2.7.4.
History

Thu, 02 Jan 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Jan 2025 14:30:00 +0000

Type Values Removed Values Added
Description Missing Authorization vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe to Category: from n/a through 2.7.4.
Title WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to Broken Access Control
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-01-02T14:23:25.250Z

Updated: 2025-01-02T14:43:15.256Z

Reserved: 2022-10-19T11:40:57.162Z

Link: CVE-2022-43476

cve-icon Vulnrichment

Updated: 2025-01-02T14:43:11.703Z

cve-icon NVD

Status : Received

Published: 2025-01-02T15:15:18.500

Modified: 2025-01-02T15:15:18.500

Link: CVE-2022-43476

cve-icon Redhat

No data.