CVE-2022-4972 - "WordPress Download Monitor Auth Bypass"

1 month ago 15
ARTICLE AD BOX
CVE ID : CVE-2022-4972
Published : Oct. 16, 2024, 7:15 a.m. | 24 minutes ago
Description : The Download Monitor plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST-API routes related to reporting in versions up to, and including, 4.7.51. This makes it possible for unauthenticated attackers to view user data and other sensitive information intended for administrators.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article