PT-2023-32064 · WordPress · Awesome Support
Krzysztof Zając · Published 2023-11-06 · Updated 2023-11-14 · CVE-2023-5352
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Awesome Support WordPress plugin versions prior to 6.1.5
Description
The issue allows users to edit posts for which they do not have permission due to incorrect authorization of the wpas_edit_reply function.
Recommendations
For versions prior to 6.1.5, update to version 6.1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the wpas_edit_reply function until a patch is available.
Incorrect Authorization
Affected Products
Awesome Support