CVE-2023-3707
ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the content of arbitrary post (such as draft and private) via an IDOR vector. Password protected posts are not affected by this issue.
El complemento ActivityPub de WordPress anterior a 1.0.0 no garantiza que los contenidos de las publicaciones que se mostrarán sean públicos y pertenezcan al complemento, lo que permite a cualquier usuario autenticado, como un suscriptor, recuperar el contenido de una publicación arbitraria (como borrador y privada) a través de un IDOR vector. Las publicaciones protegidas con contraseña no se ven afectadas por este problema.
The ActivityPub plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 0.17.0 due to missing validation on a user controlled key. This can allow authenticated attackers, with subscriber-level permissions and above, to expose sensitive post information (e.g., draft and private post content).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-07-17 CVE Reserved
- 2023-09-25 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-10-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-639: Authorization Bypass Through User-Controlled Key
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://wpscan.com/vulnerability/541bbe4c-3295-4073-901d-763556269f48 | 2024-08-02 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Automattic Search vendor "Automattic" | Activitypub Search vendor "Automattic" for product "Activitypub" | < 1.0.0 Search vendor "Automattic" for product "Activitypub" and version " < 1.0.0" | wordpress |
Affected
|