Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wicked_folders
(Wickedplugins)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 21 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-02-07 | CVE-2023-0713 | The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_add_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perform actions intended for administrators such as modifying the folder structure maintained by the plugin. | Wicked_folders | 4.3 |