CVE-2023-1208

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jul 10, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-1208 is a Remote Code Execution vulnerability affecting the HTTP Headers plugin for WordPress before version 1.18.11. The issue permits arbitrary data to be written to arbitrary files, enabling attackers to execute malicious code on vulnerable systems. This vulnerability poses a significant risk, as successful exploitation can compromise the entire WordPress installation. Users are advised to update the plugin to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rvJFWq
https://www.cve.org/CVERecord?id=CVE-2023-1208
https://nvd.nist.gov/vuln/detail/CVE-2023-1208

Back to Vulnerability Database

CVE-2023-1208

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations