CVE-2023-29431 – WordPress qTranslate X Cleanup and WPML Import plugin <= 3.0.1 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2023-29431

06 Apr 2023 — Missing Authorization vulnerability in OntheGoSystems qTranslate X Cleanup and WPML Import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects qTranslate X Cleanup and WPML Import: from n/a through 3.0.1. The qTranslate X Cleanup and WPML Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clean_ajx function in versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, wi... • https://patchstack.com/database/wordpress/plugin/qtranslate-to-wpml-export/vulnerability/wordpress-qtranslate-x-cleanup-and-wpml-import-plugin-3-0-1-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •