Lucene search

[email protected]NVD:CVE-2023-22699

HistoryMar 25, 2024 - 12:15 p.m.

CVE-2023-22699

2024-03-2512:15:09

CWE-862

[email protected]

web.nvd.nist.gov

cve-2023-22699

mainwp

wordfence

authorization

vulnerability

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

EPSS

Percentile

9.0%

JSON

Missing Authorization vulnerability in MainWP MainWP Wordfence Extension.This issue affects MainWP Wordfence Extension: from n/a through 4.0.7.

References

patchstack.com/database/vulnerability/mainwp-wordfence-extension/wordpress-mainwp-wordfence-extension-plugin-4-0-7-subscriber-arbitrary-plugin-activation-vulnerability?_s_id=cve

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-22699

cve1 vulnrichment1 cvelist1