CVE-2023-52229

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 20, 2024
CWE ID 862

Summary

CVE-2023-52229 is a new vulnerability affecting the Save as PDF plugin by Pdfcrowd in Word Replacer Pro. This missing authorization issue allows unauthenticated users to save files with arbitrary file names and content, bypassing access controls. The vulnerability affects all versions of Word Replacer Pro from the unspecified version n/a through 1.0. Successful exploitation could result in data leakage or unintended file modifications. Users are advised to update to the latest version of the plugin or contact their software vendor for a patch to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share