Security Advisory

CVE-2023-5737

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-27 16:22:02

Last updated 2024-08-02 08:07:32

Assigner WPScan

State PUBLISHED

Description

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.

← Browse all CVEs View on cve.org ↗