[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fu-NwuOfqZL-xfEVuqpzDlW0WfMrV9j9Znry0B8OEDFU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-23893","simple-giveaways-missing-authorization-via-ajax-actions","Simple Giveaways \u003C= 2.46.0 - Missing Authorization via AJAX actions","The Simple Giveaways plugin for WordPress is vulnerable to unauthorized actions due to a missing capability check on several AJAX actions in versions up to, and including, 2.46.0. This makes it possible for unauthenticated attackers to perform unauthorized actions allowing them to see available giveaways, save plugin settings, end giveaways and select winners among other things.","giveasap",null,"\u003C=2.46.0","2.46.1","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Missing Authorization","2023-07-04 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F721f8943-5d59-41ee-935e-999dff2e590d?source=api-prod",203]