The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 08:16
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c - Exploit, Third Party Advisory |
07 Nov 2023, 04:17
Type | Values Removed | Values Added |
---|---|---|
CWE |
19 Jul 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
References | (MISC) https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c - Exploit, Third Party Advisory | |
First Time |
Inspireui
Inspireui mstore Api |
10 Jul 2023, 16:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-10 16:15
Updated : 2024-11-21 08:16
NVD link : CVE-2023-3131
Mitre link : CVE-2023-3131
CVE.ORG link : CVE-2023-3131
JSON object : View
Products Affected
inspireui
- mstore_api
CWE
No CWE.