The YourChannel plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check when clearing the plugin cache via the yrc_clear_cache GET parameter in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to clear the plugin's cache.
References
Configurations
History
07 Nov 2023, 04:05
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2023-04-05 14:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-1868
Mitre link : CVE-2023-1868
CVE.ORG link : CVE-2023-1868
JSON object : View
Products Affected
plugin
- yourchannel
CWE
No CWE.