CVE-2023-23825

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-23825 is a critical vulnerability affecting Brainstorm Force Spectra, a software used for creating and managing WordPress plugins. The issue involves missing authorization, enabling unauthorized users to bypass incorrectly configured access control security levels. Consequently, attackers can exploit this vulnerability, which has been identified in versions of Spectra ranging from not available to 2.3.0. This flaw puts websites using these affected versions at risk of unauthorized access and potential data breaches. It is essential for users to update their Spectra software to the latest version as soon as possible to mitigate this security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share