CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40331 – WordPress Accordion Slider plugin <= 1.9.6 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-40331
16 Aug 2023 — Missing Authorization vulnerability in bqworks Accordion Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion Slider: from n/a through 1.9.6. The Accordion Slider plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions such as ajax_getting_started_close(), ajax_close_custom_css_js_warning(), ajax_close_image_size_warning in versions up to, and including, 1.9.6. This makes it possible ... • https://patchstack.com/database/wordpress/plugin/accordion-slider/vulnerability/wordpress-accordion-slider-plugin-1-9-6-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39996 – WordPress Accordion and Accordion Slider plugin <= 1.2.4 - Broken Access Control
https://notcve.org/view.php?id=CVE-2023-39996
11 Aug 2023 — Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Accordion and Accordion Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion and Accordion Slider: from n/a through 1.2.4. The Accordion and Accordion Slider plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'wp_aas_get_attachment_edit_form' and 'wp_aas_save_attachment_data' nopriv_ AJAX functions in... • https://patchstack.com/database/wordpress/plugin/accordion-and-accordion-slider/vulnerability/wordpress-accordion-and-accordion-slider-plugin-1-2-4-broken-access-control?_s_id=cve • CWE-862: Missing Authorization •