CVE-2023-2353
CVSS 3.1 Score 8.6 of 10 (high)
Details
Summary
CVE-2023-2353 is a vulnerability affecting the CHP Ads Block Detector plugin for WordPress. This issue allows subscriber-level attackers to update and reset plugin settings without proper authorization. The vulnerability stems from a missing capability check on the 'chp_abd_action' function, which is present in versions up to and including 3.9.4. This weakness exposes websites using the affected plugin to potential configuration changes that could negatively impact their security or functionality. A duplicate vulnerability, CVE-2023-36509, has also been identified.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Apple (iPhone OS)
- MacOS
- iPadOS
Affected Vendors
- Apple