The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views.
History

Tue, 29 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Wpchill
Wpchill strong Testimonials
Weaknesses CWE-862
CPEs cpe:2.3:a:wpchill:strong_testimonials:*:*:*:*:*:wordpress:*:*
Vendors & Products Wpchill
Wpchill strong Testimonials

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-07T05:33:46.516Z

Updated: 2024-08-02T08:28:21.857Z

Reserved: 2023-12-04T16:46:05.653Z

Link: CVE-2023-6491

cve-icon Vulnrichment

Updated: 2024-08-02T08:28:21.857Z

cve-icon NVD

Status : Modified

Published: 2024-06-07T06:15:09.320

Modified: 2024-11-21T08:43:57.410

Link: CVE-2023-6491

cve-icon Redhat

No data.