Missing Authorization vulnerability in Squirrly SEO Plugin
CVE-2022-44626
6.3MEDIUM
Summary
A missing authorization vulnerability exists in the Squirrly SEO Plugin, impacting versions from n/a to 12.1.20. This vulnerability may allow unauthorized users to access restricted areas of the application, compromising the integrity and confidentiality of SEO data. Proper access controls should be implemented to mitigate potential security risks associated with this vulnerability.
Affected Version(s)
SEO Plugin by Squirrly SEO <= 12.1.20
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)