wpexploit, Wpvulndb, WPEX-ID:637BBD1D-2BF2-470E-8D19-BD48A2280530
History: Aug 31, 2023 - 12:00 a.m.

Multiple Plugins from ServMask - Unauthenticated Access Token Update

servmask
unauthenticated access
plugin exploit
security risk

AI Score: 6.7 Medium (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 15.7%)

Description

The plugins perform no authorisation check in the init() function hooked to the admin_init action, allowing unauthenticated attackers to update the access token.

With the All-in-One WP Migration Box Extension installed, open the URL below as an unauthenticated user:

https://example.com/wp-admin/admin-ajax.php?ai1wmbe_token=AAAA
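
A log check for the request shown above, as an added example that is not part of the original advisory: it scans web server access logs for requests under /wp-admin/ whose query string carries ai1wmbe_token. Only the parameter name and endpoint come from the advisory; the Combined Log Format, the function name and the sample lines are assumptions constructed for illustration, and a token sent in a request body would not appear in such logs.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Query parameter named in the advisory's example URL.
TOKEN_PARAM = "ai1wmbe_token"

# Assumed log layout (Combined Log Format):
# ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_token_updates(lines):
    """Return one record per /wp-admin/ request that carries the token parameter."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected format, skip
        url = urlsplit(m["target"])
        # admin_init runs for admin-ajax.php without a login; front-end
        # requests do not trigger it, so only /wp-admin/ paths are flagged.
        if "/wp-admin/" not in url.path:
            continue
        # parse_qs percent-decodes names, so ai1wmbe%5Ftoken is matched too.
        params = parse_qs(url.query, keep_blank_values=True)
        if TOKEN_PARAM in params:
            hits.append({
                "ip": m["ip"], "time": m["time"], "path": url.path,
                "status": int(m["status"]),
                # Record the length only: the token is a credential.
                "token_len": len(params[TOKEN_PARAM][0]),
            })
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [31/Aug/2023:10:02:11 +0000] "GET /wp-admin/admin-ajax.php?ai1wmbe_token=AAAA HTTP/1.1" 200 1 "-" "curl/8.1"',
    '198.51.100.4 - - [31/Aug/2023:10:02:15 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [31/Aug/2023:10:03:40 +0000] "GET /wp-admin/admin-ajax.php?action=x&ai1wmbe%5Ftoken=BBBBBB HTTP/1.1" 200 1 "-" "curl/8.1"',
    '192.0.2.9 - - [31/Aug/2023:10:04:02 +0000] "GET /?ai1wmbe_token=CCCC HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_token_updates(SAMPLE_LOG):
        print(hit)
```

Access logs in this format do not show whether a request was authenticated, so each hit needs to be compared against the times an administrator legitimately configured the extension.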
