The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them
History

Thu, 16 Jan 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared S-sols
S-sols seraphinite Accelerator
CPEs cpe:2.3:a:seraphinitesolutions:seraphinite_accelerator:*:*:*:*:*:wordpress:*:* cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*
Vendors & Products Seraphinitesolutions
Seraphinitesolutions seraphinite Accelerator
S-sols
S-sols seraphinite Accelerator

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-11-27T16:22:05.826Z

Updated: 2024-08-02T08:07:32.623Z

Reserved: 2023-10-17T09:47:31.155Z

Link: CVE-2023-5611

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-27T17:15:09.083

Modified: 2025-01-16T15:44:50.793

Link: CVE-2023-5611

cve-icon Redhat

No data.