CVE-2023-35883

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 19, 2023

Updated: Dec 22, 2023

CWE ID 601

Summary

CVE-2023-35883 is a vulnerability affecting the Core Web Vitals & PageSpeed Booster plugin for WordPress. This issue involves an Open Redirect vulnerability, which allows an attacker to redirect users to malicious sites. The impacted versions of the plugin range from not available to 1.0.12. Successful exploitation could lead to phishing scams or the distribution of malware, potentially compromising user data. Users are advised to update the plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rwoPts
https://www.cve.org/CVERecord?id=CVE-2023-35883
https://nvd.nist.gov/vuln/detail/CVE-2023-35883

Back to Vulnerability Database

CVE-2023-35883

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations