Missing Authorization Vulnerability in Schema App Structured Data by Schema App
CVE-2023-44258
5.3MEDIUM
Summary
The Schema App Structured Data plugin is vulnerable to a missing authorization issue due to improperly configured access control security levels, allowing unauthorized access to sensitive resources. This can lead to potential exploitation by attackers who can leverage the exploit within versions of the plugin up to 1.23.1.
Affected Version(s)
Schema App Structured Data <= 1.23.1
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rio Darmawan (Patchstack Alliance)