CVE-2023-49812

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 19, 2023

Updated: Dec 30, 2023

CWE ID 639

Summary

CVE-2023-49812 is a new authorization bypass vulnerability affecting the J.N. Breetvelt WP Photo Album Plus plugin. The issue allows unauthorized access to restricted functions when an attacker can control the key used in the authorization check. This vulnerability affects WP Photo Album Plus versions from n/a through 8.5.02.005, making it essential for users to update their plugins as soon as possible to mitigate potential threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WPPA

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/toM96D
https://www.cve.org/CVERecord?id=CVE-2023-49812
https://nvd.nist.gov/vuln/detail/CVE-2023-49812

Back to Vulnerability Database

CVE-2023-49812

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations