CVE-2023-23886

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-23886 is a critical vulnerability affecting WP-RecentComments, a plugin used by many WordPress sites. The issue involves missing authorization, allowing unauthorized users to exploit incorrectly configured access control security levels. This vulnerability can be exploited to gain unauthorized access to protected information or perform malicious actions. Affected versions of WP-RecentComments range from n/a through 2.2.7, and it is essential that users upgrade to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share