CVE-2023-28168

CVSS 3.1 Score 3.7 of 10 (low)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-28168 is a critical vulnerability affecting the WordPress Console, where missing authorization allows unauthorized access. This issue arises due to incorrectly configured access control security levels. Attackers can exploit this vulnerability to gain unauthorized access to the WordPress Console, impacting versions from n/a to 0.3.9. It is essential for WordPress Console users to address this vulnerability promptly to prevent potential data breaches or unauthorized actions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share