Description
The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them
Published: 2023-11-27
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-57904 The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them
History

Thu, 16 Jan 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared S-sols
S-sols seraphinite Accelerator
CPEs cpe:2.3:a:seraphinitesolutions:seraphinite_accelerator:*:*:*:*:*:wordpress:*:* cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*
Vendors & Products Seraphinitesolutions
Seraphinitesolutions seraphinite Accelerator
S-sols
S-sols seraphinite Accelerator

Subscriptions

S-sols Seraphinite Accelerator
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2024-08-02T08:07:32.623Z

Reserved: 2023-10-17T09:47:31.155Z

Link: CVE-2023-5611

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-27T17:15:09.083

Modified: 2025-01-16T15:44:50.793

Link: CVE-2023-5611

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses