CVE-2023-2353

CVSS 3.1 Score 8.6 of 10 (high)

Details

Published Aug 31, 2023
Updated: Nov 7, 2023

Summary

CVE-2023-2353 is a vulnerability affecting the CHP Ads Block Detector plugin for WordPress. This issue allows subscriber-level attackers to update and reset plugin settings without proper authorization. The vulnerability stems from a missing capability check on the 'chp_abd_action' function, which is present in versions up to and including 3.9.4. This weakness exposes websites using the affected plugin to potential configuration changes that could negatively impact their security or functionality. A duplicate vulnerability, CVE-2023-36509, has also been identified.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apple (iPhone OS)
  • MacOS
  • iPadOS

Affected Vendors

  • Apple