[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNu3JqentnkCmBhwyYVhUjEJ75zoAQf9JMHTBdOAfsO0":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-fd12ce4a-585d-4e26-88fb-1ab9dcc8727d-restropress","restropress-missing-authorization-4","RestroPress \u003C= 2.8.3 - Missing Authorization","The RestroPress plugin for WordPress is vulnerable to missing authorization in versions up to, and including, 2.8.3. This is due to improper nonce and capability checks in several of the AJAX calls. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to access restricted order information and edit the order status.","restropress",null,"\u003C=2.8.3","2.8.3.1","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Access Control","2021-07-19 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffd12ce4a-585d-4e26-88fb-1ab9dcc8727d?source=api-prod",918]