Lucene search
WpvulndbWPVDB-ID:D4007060-AEA1-4E69-BB3C-360CF2EE6E33HistoryNov 09, 2022 - 12:00 a.m.
WPML < 4.5.11 - Subscriber+ Settings Update
2022-11-0900:00:00
wpscan.com
9
wpml
plugin
update
vulnerability
legacy widgets
media content settings
authenticated users
EPSS
0.001
Percentile
22.7%
The plugin does not have authorisation check when updating the selected language for legacy widgets and default behaviour for media content settings, which could allow any authenticated users, such as subscriber to update them
Related
cnvd
cnvd
nvd
nvd
CVE-2022-38461
2022-11-17 22:15:10
cve
cve
CVE-2022-38461
2022-11-17 22:15:10
prion
prion
Improper access control
2022-11-17 22:15:00
cvelist
cvelist
patchstack
patchstack