Medium severity4.3NVD Advisory· Published Mar 6, 2023· Updated Jun 17, 2026
CVE-2023-0328
CVE-2023-0328
Description
The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication (such as update and delete the auth key).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/3c4318a9-a3c5-409b-a52e-edd8583c3c43nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.