The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_db_specs() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve data key specs.
This Cyber News was published on www.tenable.com. Publication date: Thu, 07 Dec 2023 19:31:04 +0000