1 results (0.001 seconds)
CVSS: 5.3EPSS: %CPEs: 1EXPL: 0
CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2022-44578 – Owl Carousel <= 0.5.3 - Missing Authorization via save_paramter.php
https://notcve.org/view.php?id=CVE-2022-44578
The Owl Carousel plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check in the file /save_parameter.php in versions up to, and including, 0.5.3. This makes it possible for unauthenticated attackers to update plugin settings. • CWE-862: Missing Authorization •