CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45000 – WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerability
https://notcve.org/view.php?id=CVE-2023-45000
Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7. Vulnerabilidad de autorización faltante en LiteSpeed Technologies LiteSpeed Cache. Este problema afecta a LiteSpeed Cache: desde n/a hasta 5.7. The LiteSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the 'update_cdn_status' function in versions up to, and including, 5.7. This makes it possible for unauthenticated attackers to modify the plugin's CDN status. • https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-broken-access-control-on-api-vulnerability?_s_id=cve • CWE-862: Missing Authorization •