Security Advisory

CVE-2023-3209

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-10 12:41:04

Last updated 2024-11-08 18:21:41

Assigner WPScan

State PUBLISHED

Description

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

← Browse all CVEs View on cve.org ↗