What the vulnerability does
01Description
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <= 1.3.07.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <= 1.3.07.
Explanation of Vulnerability in Simple Terms
WP Wand versions 1.3.07 and earlier lack proper authorization checks, allowing authenticated users to modify site data without appropriate permissions. An attacker with low-level access can alter content or disable features. Update to a version newer than 1.3.07 to resolve this issue.
What an attacker can do
Modify or disable site content and features without proper authorization.
Potential impact on your site
Authenticated users can alter your site's data or functionality beyond their intended role.
Conditions required to exploit
Attacker must have a low-level user account on the site.
Key dates
External resources