WordPress Plugin WP Private Message Insecure Direct Object Reference - CVE-2023-0453 - Vulnerability Database

WordPress Plugin WP Private Message Insecure Direct Object Reference - CVE-2023-0453

Medium

Reference: CVE-2023-0453

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-0453

Title: WordPress Plugin WP Private Message Insecure Direct Object Reference

Overview:

WordPress Plugin WP Private Message is prone to a insecure direct object reference (IDOR) vulnerability. Exploiting this issue may allow an attacker to read arbitrary messages. WordPress Plugin WP Private Message version 1.0.5 is vulnerable prior versions may also be affected.