WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - Broken Access Control vulnerability
CVE-2023-38475
8.8HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 13 December 2024
What is CVE-2023-38475?
A missing authorization vulnerability in the RedNao Donations Made Easy – Smart Donations plugin poses risks by allowing exploitation through incorrectly configured access control security levels. This vulnerability enables unauthorized users to access resources they should not be able to reach, impacting the overall integrity and security of the plugin. Affected versions range from n/a to 4.0.12, making it crucial for users to evaluate their installations and assess potential risks associated with improper access controls.
Affected Version(s)
Donations Made Easy – Smart Donations <= 4.0.12