Vulnerability Details : CVE-2023-2916
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges.
Vulnerability category: Gain privilegeInformation leak
Products affected by CVE-2023-2916
- cpe:2.3:a:revmakx:infinitewp_client:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-2916
0.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 44 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-2916
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.6
|
3.6
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
Wordfence |
CWE ids for CVE-2023-2916
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: security@wordfence.com (Secondary)
-
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-2916
-
https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4
Changeset 2925897 for iwp-client – WordPress Plugin RepositoryPatch
-
https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php#L365
core.class.php in iwp-client/tags/1.11.1 – WordPress Plugin RepositoryExploit
-
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e49-9cc6208b7b19?source=cve
InfiniteWP Client <= 1.11.1 - Authenticated (Subscriber+) Sensitive Information ExposureExploit;Third Party Advisory
Jump to