关键信息 漏洞类型: Broken Access Control 受影响版本: WordPress Grand Restaurant WordPress Theme <= 7.0 风险等级: Low priority (Watch: unnecessary) 解决方案: No official fix available 描述: - A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user executing a certain higher privileged action. - This is a generic description of this vulnerability type; specific impact will be used by some CVSS scores as way to measure and rank required exploit lies in a standardized and repeatable way, but it's idea for CVSS. 时间线: - Reported by Ananda Dholakia (Patchstack) on 19 Mar 2023 - Early warning sent out to Patchstack customers on 18 Apr 2023 - Published by Patchstack on 20 Apr 2023