Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.
History

Mon, 09 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Profilepress
Profilepress profilepress
CPEs cpe:2.3:a:profilepress:profilepress:*:*:*:*:pro:wordpress:*:*
Vendors & Products Profilepress
Profilepress profilepress
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 11:45:00 +0000

Type Values Removed Values Added
Description Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.
Title WordPress ProfilePress plugin <= 4.13.2 - Broken Access Control vulnerability
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-12-09T11:29:56.427Z

Updated: 2024-12-09T17:13:37.300Z

Reserved: 2023-12-15T14:42:48.489Z

Link: CVE-2023-50882

cve-icon Vulnrichment

Updated: 2024-12-09T17:13:28.910Z

cve-icon NVD

Status : Received

Published: 2024-12-09T13:15:38.720

Modified: 2024-12-09T13:15:38.720

Link: CVE-2023-50882

cve-icon Redhat

No data.