CVE-2023-45104

HIGH

Wpdeveloper Betterlinks < 1.6.1 - Missing Authorization

Title source: rule

Description

Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through 1.6.0.

References (1)

[Third Party Advisory] https://patchstack.com/database/wordpress/plugin/betterlinks/vulnerability/wordpress-betterlinks-plugin-1-6-0-broken-access-control-vulnerability?_s_id=cve

Scores

CVSS v3 7.3

EPSS 0.0021

EPSS Percentile 42.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-862

Status published

Affected Products (1)

wpdeveloper/betterlinks < 1.6.1

Timeline

Published Jan 02, 2025

Tracked Since Feb 18, 2026