WordPress qTranslate X Cleanup and WPML Import plugin <= 3.0.1 - Broken Access Control vulnerability
CVE-2023-29431
4.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 9 December 2024
What is CVE-2023-29431?
The identified vulnerability in OntheGoSystems' qTranslate X Cleanup and WPML Import stems from a missing authorization check. This flaw allows attackers to exploit incorrectly configured access control security levels, leading to the potential for unauthorized actions within these plugins. The issue is present in versions prior to 3.0.1, making it critical for users to review their configurations and update to a secure version to mitigate associated risks.
Affected Version(s)
qTranslate X Cleanup and WPML Import <= 3.0.1