Security Advisory

CVE-2023-3131

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-10 12:41:17

Last updated 2024-11-12 17:02:28

Assigner WPScan

State PUBLISHED

Description

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

← Browse all CVEs View on cve.org ↗