What the vulnerability does
01Description
Missing Authorization vulnerability in wedos.com WEDOS Global wgpwpp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WEDOS Global: from n/a through <= 1.2.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in wedos.com WEDOS Global wgpwpp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WEDOS Global: from n/a through <= 1.2.2.
Explanation of Vulnerability in Simple Terms
WEDOS Global versions up to 1.2.2 lack proper authorization checks, allowing unauthenticated attackers to modify data via network requests. The vulnerability requires no user interaction and affects the integrity of the application. No confidentiality or availability impact is present.
What an attacker can do
Modify data in the application without authentication.
Potential impact on your site
Unauthorized users can alter application data, potentially affecting site content or configuration.
Conditions required to exploit
Network access to the affected WEDOS Global instance; no authentication required.
Key dates
External resources