Lucene search
PatchstackCVELIST:CVE-2023-52176HistoryJun 04, 2024 - 12:43 p.m.
CVE-2023-52176 WordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerability
2024-06-0412:43:40
CWE-290
Patchstack
www.cve.org
wordpress
malware scanner
vulnerability
authentication bypass
ip restriction bypass
acls
unauthorized access
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "miniorange-malware-protection",
"product": "Malware Scanner",
"vendor": "miniorange",
"versions": [
{
"changes": [
{
"at": "4.7.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.7.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-52176
2024-06-04 13:15:50
wpvulndb
wpvulndb
Malware Scanner < 4.7.2 - IP Spoofing
2024-01-04 00:00:00
nvd
nvd
CVE-2023-52176
2024-06-04 13:15:50
vulnrichment
vulnrichment
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-52176