CVE-2023-4800

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 16, 2023

Updated: Nov 7, 2023

CWE ID 601

Summary

CVE-2023-4800 is a vulnerability affecting the DoLogin Security plugin for WordPress. This issue allows low privileged users to access a widget displaying IP addresses of failed login attempts. By exploiting this vulnerability, unauthorized users could potentially gain sensitive information, increasing the risk of unauthorized access to WordPress sites using this plugin. Site administrators are strongly encouraged to update to the latest version of DoLogin Security (3.7.1) to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tYop0g
https://www.cve.org/CVERecord?id=CVE-2023-4800
https://nvd.nist.gov/vuln/detail/CVE-2023-4800

Back to Vulnerability Database

CVE-2023-4800

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations