CVE-2023-49754

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-49754 is a security vulnerability affecting the Bulk Edit Post Titles feature in Clarion Technologies' Yogesh Pawar plugin. This issue arises due to missing authorization checks, enabling unauthorized users to manipulate post titles with incorrectly configured access control security levels. This can lead to serious data integrity concerns in WordPress installations with versions 5.0.0 and below. Unauthorized title modifications could impact website functionality and potentially pose a threat to user privacy. It is strongly recommended that affected users update their plugins to the latest version to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share