PT-2022-25288 · WordPress · Bp Better Messages
Ananda Dhakal
+1
·
Published
2022-11-18
·
Updated
2023-08-08
·
CVE-2022-40216
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Better Messages plugin versions <= 1.9.10.69
Description
The issue is related to an authentication bypass vulnerability in the Better Messages plugin for WordPress, specifically affecting messaging block functionality for subscribers and above.
Recommendations
For Better Messages plugin versions <= 1.9.10.69, update to a version higher than 1.9.10.69 to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bp Better Messages