Vulnerabilities > CVE-2020-14205 - Missing Authorization vulnerability in Divebook Project Divebook 1.1.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |