PT-2023-27202 · Servmask · Servmask All-In-One Wp Migration Google Drive Extension+1
Rafie Muhammad
·
Published
2023-08-30
·
Updated
2024-06-22
·
CVE-2023-40004
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
ServMask All-in-One WP Migration Box Extension versions 1.53 and earlier
ServMask All-in-One WP Migration OneDrive Extension versions 1.66 and earlier
ServMask All-in-One WP Migration Dropbox Extension versions 3.75 and earlier
ServMask All-in-One WP Migration Google Drive Extension versions 2.79 and earlier
Description
The issue is related to a Missing Authorization vulnerability in ServMask All-in-One WP Migration extensions. This vulnerability may allow unauthorized access to certain features or data.
Recommendations
For ServMask All-in-One WP Migration Box Extension versions 1.53 and earlier, update to a version later than 1.53.
For ServMask All-in-One WP Migration OneDrive Extension versions 1.66 and earlier, update to a version later than 1.66.
For ServMask All-in-One WP Migration Dropbox Extension versions 3.75 and earlier, update to a version later than 3.75.
For ServMask All-in-One WP Migration Google Drive Extension versions 2.79 and earlier, update to a version later than 2.79.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Servmask All-In-One Wp Migration Box Extension
Servmask All-In-One Wp Migration Google Drive Extension