nvd-json-data-feeds/CVE-2023/CVE-2023-461xx/CVE-2023-46188.json

{
  "id": "CVE-2023-46188",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2025-01-02T12:15:11.127",
  "lastModified": "2025-01-02T12:15:11.127",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup: from n/a through 2.1.3."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de autorizaci\u00f3n faltante en Jose Mortellaro Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup: desde n/a hasta 2.1.3."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "audit@patchstack.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://patchstack.com/database/wordpress/plugin/freesoul-deactivate-plugins/vulnerability/wordpress-freesoul-deactivate-plugins-plugin-2-1-3-broken-access-control-vulnerability?_s_id=cve",
      "source": "audit@patchstack.com"
    }
  ]
}