Vulnerability CVE-2023-3131
Published: 2023-07-10

Description:
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

Type:

CWE-862

 (Missing Authorization)

 References:
https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c
Copyright 2026, cxsecurity.com

 

Back to Top