Lucene search
WPScanCVELIST:CVE-2023-6623HistoryJan 15, 2024 - 3:10 p.m.
CVE-2023-6623 Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
2024-01-1515:10:40
WPScan
www.cve.org
wordpress
plugin
local file inclusion
The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Essential Blocks",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "4.4.3"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
nvd
nvd
CVE-2023-6623
2024-01-15 16:15:12
nuclei
nuclei
Essential Blocks < 4.4.3 - Local File Inclusion
2024-01-04 07:27:23
wpvulndb
wpvulndb
Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
2023-12-21 00:00:00
wpexploit
wpexploit
Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
2023-12-21 00:00:00
cve
cve
CVE-2023-6623
2024-01-15 16:15:12
prion
prion
Design/Logic Flaw
2024-01-15 16:15:00