CVE-2023-47692

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 2, 2025

CWE ID 862

Summary

CVE-2023-47692 is a missing authorization vulnerability affecting Flo Themes' Flo Forms plugin. The issue arises due to incorrectly configured access control security levels, enabling unauthorized users to exploit the flaw. This vulnerability impacts Flo Forms versions from n/a through 1.0.41, putting affected websites at risk for potential data breaches or unauthorized form submissions. Organizations utilizing the affected plugin should update to a secure version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tU6toc
https://www.cve.org/CVERecord?id=CVE-2023-47692
https://nvd.nist.gov/vuln/detail/CVE-2023-47692

Back to Vulnerability Database

CVE-2023-47692

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations