Lucene search
PatchstackCVE-2023-23978HistoryNov 23, 2023 - 12:15 a.m.
CVE-2023-23978
2023-11-2300:15:07
CWE-200
Patchstack
web.nvd.nist.gov
23
cve-2023-23978
exposure
sensitive information
unauthorized actor
switchwp
wp client reports
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
18.1%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SwitchWP WP Client Reports plugin <=Β 1.0.16 versions.
Affected configurations
Node
switchwpwp_client_reportsRange<1.0.17wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| switchwp | wp_client_reports | * | cpe:2.3:a:switchwp:wp_client_reports:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-client-reports",
"product": "WP Client Reports",
"vendor": "SwitchWP",
"versions": [
{
"changes": [
{
"at": "1.0.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.16",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2023-23978
2023-11-23 00:15:07
prion
prion
Code injection
2023-11-23 00:15:00
vulnrichment
vulnrichment
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
18.1%
Related for CVE-2023-23978