CVE-2023-35052

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Directorist versions through 7.5.4

Description The issue affects the Directorist plugin, allowing exploitation of incorrectly configured access control security levels due to a Missing Authorization vulnerability. This vulnerability enables arbitrary content deletion.

Recommendations Update to the latest version to secure your site and prevent arbitrary content deletion.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2023-35052

Affected Products

Directorist

CVE-2023-35052

Weakness Enumeration

Related Identifiers

Affected Products

References · 8