CVE-2023-47793 – WordPress Acme Fix Images plugin <= 1.0.0 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2023-47793

15 Nov 2023 — Missing Authorization vulnerability in acmethemes Acme Fix Images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acme Fix Images: from n/a through 1.0.0. The Acme Fix Images plugin for WordPress is vulnerable to unauthorized access to the acme_fix_images_ajax_callback function in versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to resize images. • https://patchstack.com/database/wordpress/plugin/acme-fix-images/vulnerability/wordpress-acme-fix-images-plugin-1-0-0-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •