Lucene search

[email protected]NVD:CVE-2023-33923

HistoryMar 25, 2024 - 5:15 a.m.

CVE-2023-33923

2024-03-2505:15:49

CWE-862

[email protected]

web.nvd.nist.gov

cve-2023-33923

missing authorization

hashthemes viral news

hashthemes viral

hashthemes hashone

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

4.7

Confidence

High

EPSS

Percentile

15.5%

JSON

Missing Authorization vulnerability in HashThemes Viral News, HashThemes Viral, HashThemes HashOne.This issue affects Viral News: from n/a through 1.4.5; Viral: from n/a through 1.8.0; HashOne: from n/a through 1.3.0.

References

patchstack.com/database/vulnerability/hashone/wordpress-hashone-theme-1-3-0-broken-access-control-vulnerability?_s_id=cve

patchstack.com/database/vulnerability/viral-news/wordpress-viral-news-theme-1-4-5-authenticated-arbitrary-plugin-activation-vulnerability?_s_id=cve

patchstack.com/database/vulnerability/viral/wordpress-viral-theme-1-8-0-broken-access-control-vulnerability?_s_id=cve

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

4.7

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for NVD:CVE-2023-33923

vulnrichment1 cvelist1 cve1 wordfence1