CVE-2023-5352

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 6, 2023

Updated: Nov 14, 2023

CWE ID 863

Summary

CVE-2023-5352 is a vulnerability affecting the Awesome Support WordPress plugin before version 6.1.5. This issue stems from an incorrect authorization check within the wpas_edit_reply function, enabling users to modify posts for which they lack the necessary permissions. This flaw could potentially lead to unintended content changes or data loss, posing a significant risk to WordPress sites using the vulnerable plugin version. It is crucial for users to update the plugin as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s4kdpC
https://www.cve.org/CVERecord?id=CVE-2023-5352
https://nvd.nist.gov/vuln/detail/CVE-2023-5352

Back to Vulnerability Database

CVE-2023-5352

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations