CVE-2023-0558

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

T

he ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper API keys.

References

Link	Resource
https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416	Exploit Release Notes Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve	Third Party Advisory
https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416	Exploit Release Notes Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:contentstudio:contentstudio:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:37

Type	Values Removed	Values Added
References	~~() https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416 - Exploit, Release Notes, Third Party Advisory~~	() https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416 - Exploit, Release Notes, Third Party Advisory
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve - Third Party Advisory~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~9.8~~	v2 : unknown v3 : 8.2

Information

Published : 2023-01-27 22:15

Updated : 2024-11-21 07:37

NVD link : CVE-2023-0558

Mitre link : CVE-2023-0558

CVE.ORG link : CVE-2023-0558

JSON object : View

Products Affected

contentstudio

contentstudio

CWE

NVD-CWE-noinfo

{"id": "CVE-2023-0558", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-01-27T22:15:09.347", "references": [{"url": "https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416", "tags": ["Exploit", "Release Notes", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L416", "tags": ["Exploit", "Release Notes", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c31828dc-ef94-4895-8395-a5d52a0a82bd?source=cve", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by users with proper API keys."}, {"lang": "es", "value": "El complemento ContentStudio para WordPress es vulnerable a la omisi\u00f3n de autorizaci\u00f3n debido a una verificaci\u00f3n de token no segura que es susceptible de realizar malabarismos de tipos en versiones hasta la 1.2.5 incluida. Esto hace posible que atacantes no autenticados ejecuten funciones destinadas a usuarios con claves API adecuadas."}], "lastModified": "2024-11-21T07:37:24.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:contentstudio:contentstudio:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2258CF06-A5A1-408E-996F-F16D5D0B57E7", "versionEndExcluding": "1.2.6"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}