Unauthenticated Reset and Import Settings Vulnerability in Seraphinite Accelerator WordPress Plugin
CVE-2023-5611 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them
Learn more about our Wordpress Pen Testing.