What the vulnerability does
01Description
Missing Authorization vulnerability in scripteo Ads Pro ap-plugin-scripteo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads Pro: from n/a through <= 5.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in scripteo Ads Pro ap-plugin-scripteo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads Pro: from n/a through <= 5.0.
Explanation of Vulnerability in Simple Terms
Ads Pro versions 5.0 and earlier lack proper authorization checks, allowing authenticated users to modify or disable advertising functionality they should not have access to. An attacker with low-level account privileges can alter ad settings or availability without proper permission validation. This affects the integrity and availability of ad management features.
What an attacker can do
Modify or disable ads and advertising settings without proper authorization.
Potential impact on your site
Unauthorized users can alter your ad configuration, potentially disrupting revenue or ad delivery.
Conditions required to exploit
Attacker must have a low-privilege account on the site; no user interaction required.
Key dates
External resources