WebberZone Top 10 Vulnerable to Missing Authorization
CVE-2023-25993
4.3MEDIUM
Summary
A missing authorization vulnerability exists in the WebberZone Top 10 WordPress plugin, enabling attackers to exploit incorrectly configured access control security levels. This issue affects versions from n/a through 3.2.3, allowing unauthorized access to sensitive functionality. Correctly configuring access controls is crucial for maintaining application integrity and protecting user data.
Affected Version(s)
Top 10 <= 3.2.3
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafshanzani Suhada (Patchstack Alliance)