CVE-2023-0447
Description
The My YouTube Channel plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the clear_all_cache function in versions up to, and including, 3.0.12.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to clear the plugin's cache.
References
PatchThird Party Advisory
Third Party Advisory
Third Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics