Access Control Weakness in JoomUnited WP Table Manager
CVE-2022-47601

5.3MEDIUM

Key Information:

Vendor: WordPress
Status: WP Table Manager
Vendor: CVE Published:; 2 January 2025

Summary

A vulnerability in JoomUnited WP Table Manager has been identified as a missing authorization issue. This flaw arises from incorrectly configured access control security levels, potentially enabling unauthorized access to sensitive functionalities within the plugin. If exploited, this vulnerability may allow attackers to perform actions beyond their intended privileges, impacting the overall security of websites utilizing the plugin. The affected version range is from n/a up to 3.5.2, necessitating timely updates and configurations to safeguard against this risk.

Affected Version(s)

WP Table Manager <= 3.5.2

References

https://patchstack.com/database/wordpress/plugin/wp-table...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 2, 2025
Vulnerability Reserved
Dec 20, 2022

Credit

Cat (Patchstack Alliance)