Missing Authorization Vulnerability in Apollo13 Framework Extensions Could Allow Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-25959
5.4MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 9 December 2024
What is CVE-2023-25959?
A vulnerability exists in Apollo13 Framework Extensions where missing authorization can lead to exploitation due to incorrectly configured access control security levels. This issue allows unauthorized users to access restricted functionalities or data, compromising the security integrity of the system. Organizations using the affected versions are urged to assess their configurations to ensure proper access control measures are in place to mitigate potential risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Apollo13 Framework Extensions <= 1.8.10
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
István Márton (Patchstack Alliance)