Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:FEEF4928-143E-466A-9C04-F9CF410D194E
HistoryOct 25, 2023 - 12:00 a.m.

WP EXtra < 6.3 - Subscriber+ .htaccess File Modification

2023-10-2500:00:00
wpscan.com
2
wordpress
plugin
security

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

55.0%

JSON

Description The plugin is missing capability checks on the register function, allowing authenticated users, with roles as low as subscriber, to modify the contents of the site’s .htaccess files, leading to potential remote code execution.

Related

nvd 1
cve 1
prion 1
cvelist 1
wordfence 1
nvd
nvd
CVE-2023-5311
2023-10-25 18:17:43
cve
cve
CVE-2023-5311
2023-10-25 18:17:43
prion
prion
Remote code execution
2023-10-25 18:17:00
cvelist
cvelist
CVE-2023-5311
2023-10-25 07:36:02
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 23, 2023 to October 29, 2023)
2023-11-02 18:40:49

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

55.0%

JSON
Related for WPVDB-ID:FEEF4928-143E-466A-9C04-F9CF410D194E
nvd1cve1prion1cvelist1wordfence1