Vulnerability: Unauthorized Message Deletion in All Users Messenger WordPress Plugin

Vulnerability: Unauthorized Message Deletion in All Users Messenger WordPress Plugin

CVE-2023-4023 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger.

Learn more about our Wordpress Pen Testing.