CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41132 – WordPress Category Slider for WooCommerce plugin <= 1.4.15 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-41132
24 Aug 2023 — Missing Authorization vulnerability in ShapedPlugin LLC Category Slider for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Category Slider for WooCommerce: from n/a through 1.4.15. The Category Slider for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability and nonce check on various admin notice dismissal functions in versions up to, and including, 1.4.15. This makes it possible for authenticate... • https://patchstack.com/database/wordpress/plugin/woo-category-slider-grid/vulnerability/wordpress-category-slider-for-woocommerce-plugin-1-4-15-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •