Vulnerabilities > CVE-2023-0447 - Unspecified vulnerability in MY Youtube Channel Project MY Youtube Channel 3.0.12.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
my-youtube-channel-project

Summary

The My YouTube Channel plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the clear_all_cache function in versions up to, and including, 3.0.12.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to clear the plugin's cache.

Vulnerable Configurations

Part Description Count
Application
My_Youtube_Channel_Project
1