CVE-2020-36831
16.10.2024, 07:15
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in versions up to, and including 4.3.17. This makes it possible for low-privileged attackers, like subscribers, to perform restricted actions that would be otherwise locked to a administrative-level user.Enginsight
Vendor | Product | Version |
---|---|---|
nextscripts | social_networks_auto_poster | 𝑥 < 4.3.18 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References