cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1169,https://securityvulnerability.io/vulnerability/CVE-2023-1169,Authorization Vulnerability in OoohBoi Steroids for Elementor Plugin,"The OoohBoi Steroids for Elementor plugin for WordPress suffers from a missing capability check in the 'file_uploader_callback' function, allowing subscriber-level users to upload image attachments without proper authorization. This vulnerability affects versions up to and including 2.1.4, potentially leading to unauthorized access and exploitation of site functionalities.",Wordpress,OoohBoi Steroids for Elementor,4.3,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2023-06-09T06:15:00.000Z,0
CVE-2023-0336,https://securityvulnerability.io/vulnerability/CVE-2023-0336,OoohBoi Steroids for Elementor < 2.1.5 - Subscriber+ Attachment Deletion,The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber to delete attachment.,Wordpress,Ooohboi Steroids For Elementor,6.5,MEDIUM,0.000539999979082495,false,,false,false,true,2023-03-27T16:15:00.000Z,true,false,false,,2023-03-27T16:15:00.000Z,0