CVE-2023-5559

Summary

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service.

Affected Software

VendorProductVersion RangeStatus
Unknown10Web Booster0 < 2.24.18affected

Weaknesses

  • CWE-862 Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

References