CVE-2023-36531

{"id": "CVE-2023-36531", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-12-13T15:15:17.570", "references": [{"url": "https://patchstack.com/database/wordpress/plugin/wp-poll/vulnerability/wordpress-liquidpoll-advanced-polls-for-creators-and-brands-plugin-3-3-68-broken-access-control-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Received", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in LiquidPoll LiquidPoll \u2013 Advanced Polls for Creators and Brands allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LiquidPoll \u2013 Advanced Polls for Creators and Brands: from n/a through 3.3.68."}], "lastModified": "2024-12-13T15:15:17.570", "sourceIdentifier": "audit@patchstack.com"}