CVE-2023-6637 | CAOS Plugin up to 4.7.14 on WordPress Setting authorization

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability, which was classified as problematic, has been found in CAOS Plugin up to 4.7.14 on WordPress. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to missing authorization.

The identification of this vulnerability is CVE-2023-6637. Local access is required to approach this attack. There is no exploit available.

CVE-2023-6637 | CAOS Plugin up to 4.7.14 on WordPress Setting authorization

Related Posts

CVE-2023-7054 | PHPGurukul Online Notes Sharing System 1.0 /user/add-notes.php unrestricted upload

CVE-2024-42355 | Shopware up to 6.5.8.12/6.6.5.0 Twig Tag sw_silent_feature_call special elements used in a template engine (GHSA-27wp-jvhw-v4xp)

CVE-2023-49417 | Totolink A7000R 9.1.0u.6115_B20201022 setOpModeCfg stack-based overflow

CVE-2023-46385 | LOYTEC LINX Configurator 7.4.10 password cleartext transmission