Vulnerabilities > CVE-2022-43492 - Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz 7.4.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-comments-wpdiscuz-plugin-7-4-2-insecure-direct-object-references-idor-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-comments-wpdiscuz-plugin-7-4-2-insecure-direct-object-references-idor-vulnerability?_s_id=cve
- https://wordpress.org/plugins/wpdiscuz/#developers
- https://wordpress.org/plugins/wpdiscuz/#developers