CVE Catalog
CVE-2023-32959
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.02%
6th percentile — higher than 6% of all known CVEs
Summary
MetroStore has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels.
Risk Assessment
The organization may be exposed to unauthorized access to data or functions, potentially leading to serious security breaches.
Recommendation
It is recommended to review and improve the configuration of access control levels in MetroStore to ensure proper user authorization.
Original NVD description (English source)
Missing Authorization vulnerability in Sparkle WP MetroStore metrostore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MetroStore: from n/a through 1.3.2.

