CVE-2023-6741

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 16, 2024

Updated: Jan 23, 2024

Summary

CVE-2023-6741 is a vulnerability affecting the WP Customer Area plugin for WordPress. This issue allows malicious users to edit other users' account addresses by exploiting the plugin's insufficient capability validation in some AJAX actions. Successful exploitation of this vulnerability could lead to unauthorized modifications of user account information. Upgrading to version 8.2.1 or later addresses this security concern.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tx9Fef
https://www.cve.org/CVERecord?id=CVE-2023-6741
https://nvd.nist.gov/vuln/detail/CVE-2023-6741

Back to Vulnerability Database

CVE-2023-6741

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations