WP Mailster Missing Authorization Vulnerability Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2024-53805
9.8CRITICAL
What is CVE-2024-53805?
A vulnerability exists within the WP Mailster plugin developed by Brandtoss due to missing authorization controls, allowing attackers to exploit incorrectly configured access security levels. This issue affects all versions from n/a up to 1.8.16.0. Successful exploitation could lead to unauthorized access and actions that compromise the integrity of user data and application functionality, emphasizing the importance of robust access control implementations in WordPress plugins.
Affected Version(s)
WP Mailster <= 1.8.16.0