Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-27626
5.3MEDIUM
What is CVE-2023-27626?
The Stock Ticker plugin by Aleksandar Uroševic has a security issue characterized by missing authorization checks, allowing potential exploitation due to improperly configured access control security levels. This vulnerability affects all versions starting from an unspecified point up to 3.23.0. Attackers may exploit this flaw to gain unauthorized access to sensitive functionalities, posing a significant risk to users relying on this plugin. Proper configuration and security measures are vital to mitigate potential threats associated with this vulnerability.
Affected Version(s)
Stock Ticker <= 3.23.0