CVE-2023-50882
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-50882 refers to a security vulnerability in ProfilePress Membership Plugin. This issue involves missing authorization, allowing unauthorized access to certain functionalities in versions 1 through 4.13.2 of the plugin. Malicious actors can exploit incorrectly configured access control security levels, potentially leading to serious data breaches or unauthorized modifications within the affected systems. Users are strongly encouraged to update their ProfilePress Membership Plugin to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share