CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Circl•added 2023/10/31 5:21 p.m.•3 views

CVE-2023-4836

creationtimestamp| type| source ---|---|--- 2023-10-31 17:21:10+00:00| seen| https://t.me/cibsecurity/73239 2025-04-03 13:34:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10200...

4.3CVSS4.6AI score0.00487EPSS

Exploits2References2

Vulnrichment•added 2023/10/31 1:54 p.m.•6 views

CVE-2023-4836 WordPress File Sharing Plugin < 2.0.5 - Subscriber+ Sensitive Data and Files Exposure via IDOR

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced...

5.1AI score0.00487EPSS

Exploits2References2

CVE•added 2023/10/31 1:54 p.m.•81 views

CVE-2023-4836

The vulnerability CVE-2023-4836 affects the WordPress File Sharing Plugin (prior to version 2.0.5). The root cause is missing authorization checks, enabling IDOR-style access where an attacker can manipulate IDs to view files/folders, potentially exposing private data. Reported impact is exposure...

4.3CVSS4.7AI score0.00487EPSS

Exploits2References2Affected Software1

Patchstack•added 2023/10/31 12:0 a.m.•15 views

WordPress User Private Files Plugin < 2.0.5 is vulnerable to Insecure Direct Object References (IDOR)

Software User Private Files Type Plugin Vulnerable versions 2.0.5 Fixed in 2.0.5 OWASP Top 10 A3: Injection Classification Insecure Direct Object References IDOR CVE CVE-2023-4836 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 588e3012fbb4 Credits Dmitrii Ignatyev Require...

4.3CVSS7.1AI score0.00487EPSS

Exploits2References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by