Missing Authorization Vulnerability Affects Simple Org Chart
CVE-2023-40603

5.3MEDIUM

Key Information:

Vendor: WordPress
Status: Simple Org Chart
Vendor: CVE Published:; 12 June 2024

Summary

The Simple Org Chart plugin by Gangesh Matta is impacted by a vulnerability characterized by insufficient authorization controls. This weakness can potentially allow unauthorized access to sensitive features, which may compromise the integrity and confidentiality of organizational data. Users of the plugin, particularly those running versions up to 2.3.4, are advised to apply necessary updates and security precautions to mitigate risks related to unauthorized access.

Affected Version(s)

Simple Org Chart <= 2.3.4

References

https://patchstack.com/database/vulnerability/simple-org-...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 12, 2024
Vulnerability Reserved
Aug 17, 2023

Credit

Abdi Pranata (Patchstack Alliance)