CVE-2023-45765

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 2, 2025

Updated: Jan 31, 2025

CWE ID 862

Summary

CVE-2023-45765 is a new vulnerability impacting weDevs WP ERP, an accounting and HR management plugin for WordPress. The issue involves missing authorization controls, which can be exploited if access levels are incorrectly configured. Attackers can potentially gain unauthorized access to sensitive data or functionality within the plugin, affecting all versions from n/a through 1.12.6. WeDevs has been urged to release a patch to address this security concern promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

weDevs

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s-0Ay4
https://www.cve.org/CVERecord?id=CVE-2023-45765
https://nvd.nist.gov/vuln/detail/CVE-2023-45765

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2023-45765

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations