CVE-2023-25703

MEDIUM

WP OnlineSupport <1.6.2 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Meta slider and carousel with lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta slider and carousel with lightbox: from n/a through 1.6.2.

Scores

CVSS v3 5.3
EPSS 0.0053
EPSS Percentile 40.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
WP OnlineSupport, Essential Plugin/Meta slider and carousel with lightbox < 1.6.2
Published Dec 09, 2024
Tracked Since Feb 18, 2026