Unrated severityNVD Advisory· Published Jul 10, 2023· Updated Nov 12, 2024
MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update
CVE-2023-3131
Description
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.9.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6cmitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.