CVE-2023-6369

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 11, 2024
Updated: Jan 17, 2024
CWE ID 862

Summary

CVE-2023-6369 is a vulnerability affecting the Export WP Page to Static HTML/CSS plugin for WordPress. This issue allows authenticated attackers, with subscriber-level access and above, to bypass capability checks on multiple AJAX actions. Consequently, these attackers can unauthorizedly access and modify sensitive data, including advanced plugin settings, posing a significant security risk. Versions up to and including 2.1.9 of the plugin are vulnerable to this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share