Bizreview
Monthly
Missing authorization in Foysal Imran BizReview WordPress plugin versions up to 1.5.13 allows unauthenticated remote attackers to modify data via incorrectly configured access control, bypassing intended permission restrictions. The CVSS score of 5.3 reflects low integrity impact with no confidentiality or availability compromise. EPSS probability is extremely low at 0.02%, and no public exploit code or active exploitation has been identified, suggesting this is a configuration-level authorization flaw rather than a critical remote code execution vulnerability.
Missing authorization in Foysal Imran BizReview WordPress plugin versions up to 1.5.13 allows unauthenticated remote attackers to modify data via incorrectly configured access control, bypassing intended permission restrictions. The CVSS score of 5.3 reflects low integrity impact with no confidentiality or availability compromise. EPSS probability is extremely low at 0.02%, and no public exploit code or active exploitation has been identified, suggesting this is a configuration-level authorization flaw rather than a critical remote code execution vulnerability.