CVE-2023-6824
EUVD-2023-5903416.01.2024, 16:15
The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| marvinlabs | wp_customer_area | 𝑥 < 8.2.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration