CVE-2023-32798 – Simple Page Ordering <= 2.5.0 - Missing Authorization to Information Disclosure

https://notcve.org/view.php?id=CVE-2023-32798

The Simple Page Ordering plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the rest_page_ordering function in versions up to, and including, 2.5.0. This makes it possible for subscriber-level attackers to obtain structural information maintained by the plugin. • CWE-862: Missing Authorization •