CVE-2023-52200

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 8, 2024
Updated: Jan 11, 2024
CWE ID 352
CWE ID 502

Summary

CVE-2023-52200 is a newly disclosed vulnerability affecting the Repute Infosystems ARMember plugin, which includes Membership Plugin, Content Restriction, Member Levels, User Profile, and User signup features. This issue involves both Cross-Site Request Forgery (CSRF) and deserialization of untrusted data, allowing unauthenticated attackers to manipulate user actions and potentially gain administrative access. The vulnerability has not yet been assigned an affected version range.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Repute Infosystems ARMember

Affected Vendors

  • Repute InfoSystems