daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2023-32117.yaml

patch-1
pussycat0x 2023-08-02 11:14:25 +05:30 committed by GitHub
parent 4d4d008de0
commit 873bd7c3cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
http/cves/2023/CVE-2023-32117.yaml
View File

@ -4,7 +4,7 @@ info:
name: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints name: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints
author: DhiyaneshDK author: DhiyaneshDK
severity: high severity: high
description: | description: |
The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 1.1.99. This makes it possible for unauthenticated attackers to perform a wide variety of operations, such as moving files, creating folders, copying details, and much more. The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 1.1.99. This makes it possible for unauthenticated attackers to perform a wide variety of operations, such as moving files, creating folders, copying details, and much more.
remediation: Fixed in 1.2.0 remediation: Fixed in 1.2.0
reference: reference: