Rewterz Threat Advisory – CVE-2023-3863 – Linux Kernel Vulnerability
July 26, 2023Rewterz Threat Advisory – Multiple Apple macOS Vulnerabilities
July 26, 2023Rewterz Threat Advisory – CVE-2023-3863 – Linux Kernel Vulnerability
July 26, 2023Rewterz Threat Advisory – Multiple Apple macOS Vulnerabilities
July 26, 2023Severity
High
Analysis Summary
CVE-2023-3713
ProfileGrid plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by missing capability checks in the profile_magic_check_smtp_connection function. An attacker could exploit this vulnerability to update the site options.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-3713
Affected Vendors
WordPress
Affected Products
- ProfileGrid Plugin for WordPress 2.8.5
- ProfileGrid plugin for WordPress 4.7.4
Remediation
Upgrade to the latest version of ProfileGrid plugin for WordPress, available from the WordPress Plugin Directory.