What the vulnerability does
01Description
Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through <= 2.5.9.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through <= 2.5.9.
Explanation of Vulnerability in Simple Terms
Delucks SEO versions 2.5.9 and earlier lack proper authorization checks, allowing unauthenticated attackers to modify site data. An attacker can send network requests to alter content without needing to log in or interact with a user. This affects the integrity of your site's information but does not expose sensitive data or cause downtime.
What an attacker can do
Modify site data without authentication.
Potential impact on your site
Attackers can alter your site's content or settings without a valid account.
Conditions required to exploit
Network access to the site; no login or user interaction required.
Key dates
External resources
Related vulnerabilities