WordPress Plugin Vulnerabilities

Simple Staff List < 2.2.5 - Missing Authorization via ajax_flush_rewrite_rules and staff_member_export

Description

The Simple Staff List plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the ajax_flush_rewrite_rules and staff_member_export functions in versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to flush rewrite rules and export a list of staff members.

Affects Plugins

Plugin icon
simple-staff-list
Fixed in 2.2.5

References

CVE
CVE-2023-51526
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/3ef8bf84-768f-4ef1-8037-4e51ccc20c83

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Abdi Pranata
Verified
No
WPVDB ID
f102cd3e-1159-4d78-a9fd-1d902ddd01bf

Timeline

Publicly Published
2023-12-27 (about 2 years ago)
Added
2024-01-04 (about 2 years ago)
Last Updated
2024-01-22 (about 2 years ago)

Other

Published
Title
Published
2026-05-07
Title
bunny.net – WordPress CDN Plugin < 2.3.7 - Missing Authorization
Published
2026-03-16
Title
StoreCustomizer – A plugin to Customize all WooCommerce Pages < 2.6.5 - Missing Authorization
Published
2026-03-30
Title
Truebooker - Appointment Booking and Scheduler Plugin < 1.1.5 - Sensitive Information Exposure via Views Files
Published
2025-10-16
Title
MeetingHub < 1.23.10 - Missing Authorization
Published
2025-03-27
Title
Ads by WPQuads < 2.0.88 - Missing Authorization