CVE-2023-6289

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 18, 2023

Updated: Dec 21, 2023

Summary

CVE-2023-6289 is a vulnerability affecting the Swift Performance Lite WordPress plugin. Before version 2.3.6.15, the plugin fails to restrict the exporting of settings, potentially exposing sensitive data such as Cloudflare API tokens to unauthorized users. This issue poses a risk of data breaches and unauthorized access, emphasizing the importance of keeping WordPress plugins updated to mitigate security vulnerabilities.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tjF0s7
https://www.cve.org/CVERecord?id=CVE-2023-6289
https://nvd.nist.gov/vuln/detail/CVE-2023-6289

Back to Vulnerability Database

CVE-2023-6289

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations