The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-07-10T12:41:04.575Z
Updated: 2024-08-02T06:48:07.960Z
Reserved: 2023-06-12T15:09:38.041Z
Link: CVE-2023-3209
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-07-10T16:15:55.190
Modified: 2023-11-07T04:18:14.180
Link: CVE-2023-3209
Redhat
No data.