Lucene search

[email protected]CVE-2023-52233

HistoryJun 11, 2024 - 4:15 p.m.

CVE-2023-52233

2024-06-1116:15:16

CWE-862

[email protected]

web.nvd.nist.gov

authorization

post smtp

vulnerability

mailer

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log.This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6.

Affected configurations

Vulners

Node

post_smtppost_smtp_mailer\/email_logRange≤2.8.6

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "post-smtp",
    "product": "Post SMTP Mailer/Email Log",
    "vendor": "Post SMTP",
    "versions": [
      {
        "changes": [
          {
            "at": "2.8.7",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.8.6",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-broken-access-control-on-api-vulnerability?_s_id=cve

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-52233

nvd1 vulnrichment1 cvelist1