CVE-2023-4836
CVSS 3.1 Score 9.9 of 10 (high)
Details
Published Oct 31, 2023
Updated: Nov 8, 2023
CWE ID 444
Summary
CVE-2023-4836 is a vulnerability affecting the WordPress File Sharing Plugin before version 2.0.5. This issue permits unauthorized users to access files and folders by manipulating IDs, which can be easily brute forced. The plugin fails to implement proper authorization checks, thereby exposing sensitive data to potential attackers. Unpatched installations of this plugin are at risk of data breaches. It's crucial for users to update their plugins as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Qlik Sense
Affected Vendors
- Qlik Technologies