CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44148 – WordPress Astra Bulk Edit plugin <= 1.2.7 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-44148
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7. Vulnerabilidad de autorización faltante en Brainstorm Force Astra Bulk Edit. Este problema afecta a Astra Bulk Edit: desde n/a hasta 1.2.7. The Astra Bulk Edit plugin for WordPress is vulnerable to unauthorized missing authorization due to a missing capability check on the save_post_bulk_edit function in versions up to, and including, 1.2.7. This makes it possible for attackers with contributor-level access or higher to bulk edit posts. • https://patchstack.com/database/vulnerability/astra-bulk-edit/wordpress-astra-bulk-edit-plugin-1-2-7-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •