CVE-2023-23887
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-23887 is a critical vulnerability affecting the Easy Google Analytics plugin for WordPress. The issue is a missing authorization feature, which enables unauthorized access to the plugin's settings. This vulnerability can be exploited if the access control security levels are incorrectly configured, potentially leading to data theft or manipulation. The affected versions of the plugin range from not available to 1.6.0. It is strongly recommended that WordPress users immediately update to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share