CVE-2023-4836

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Oct 31, 2023
Updated: Nov 8, 2023
CWE ID 444

Summary

CVE-2023-4836 is a vulnerability affecting the WordPress File Sharing Plugin before version 2.0.5. This issue permits unauthorized users to access files and folders by manipulating IDs, which can be easily brute forced. The plugin fails to implement proper authorization checks, thereby exposing sensitive data to potential attackers. Unpatched installations of this plugin are at risk of data breaches. It's crucial for users to update their plugins as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Qlik Sense

Affected Vendors

  • Qlik Technologies