CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32822 – WordPress Reviews Plus plugin <= 1.3.4 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-32822
22 Apr 2024 — Missing Authorization vulnerability in impleCode Reviews Plus.This issue affects Reviews Plus: from n/a through 1.3.4. Vulnerabilidad de autorización faltante en impleCode Reviews Plus. Este problema afecta a Reviews Plus: desde n/a hasta 1.3.4. The Reviews Plus plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_hide_revs_translation_notice() function in versions up to, and including, 1.3.4. This makes it possible for authenticated attackers... • https://patchstack.com/database/vulnerability/reviews-plus/wordpress-reviews-plus-plugin-1-3-4-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •