CVE-2023-5098

CVSS 3.1 Score 9.0 of 10 (high)

Details

Published Oct 31, 2023

Updated: Nov 8, 2023

CWE ID 434

CWE ID 79

Summary

CVE-2023-5098 is a vulnerability affecting the Campaign Monitor Forms by Optin Cat plugin used in WordPress sites. This issue permits users with minimal privileges, such as subscribers, to override any site options with the string "true". Consequences of this vulnerability may result in a Denial of Service (DoS) attack. Prior to version 2.5.6, the plugin failed to implement sufficient access control measures, leaving sites susceptible to manipulation. To mitigate this risk, users are advised to update the plugin to the latest version.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t1wn8G
https://www.cve.org/CVERecord?id=CVE-2023-5098
https://nvd.nist.gov/vuln/detail/CVE-2023-5098

Back to Vulnerability Database

CVE-2023-5098

CVSS 3.1 Score 9.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations