Vulnerabilities > CVE-2023-22674 - Missing Authorization vulnerability in Halgatewood Dashicons + Custom Post Types 1.0.2

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

halgatewood

CWE-862

NVD

Published: 2023-12-21

Updated: 2023-12-29

Summary

Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2.

Vulnerable Configurations

Part	Description	Count
Application	Halgatewood Halgatewood Dashicons + Custom Post Types - Halgatewood Dashicons + Custom Post Types 1.0.2	2

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://patchstack.com/database/vulnerability/dashicons-cpt/wordpress-dashicons-custom-post-types-plugin-1-0-2-broken-access-control?_s_id=cve