CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22674 – WordPress Dashicons + Custom Post Types Plugin <= 1.0.2 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-22674
13 Jan 2023 — Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2. Autorización faltante, vulnerabilidad de Cross-Site Request Forgery (CSRF) en Hal Gatewood Dashicons + Custom Post Types. Este problema afecta a Dashicons + Custom Post Types: desde n/a hasta 1.0.2. The Dashicons + Custom Post Types plugin for WordPress is vulnerable to authorization bypass due to a missing capability c... • https://patchstack.com/database/vulnerability/dashicons-cpt/wordpress-dashicons-custom-post-types-plugin-1-0-2-broken-access-control?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •