CVE-2023-5816

Code Explorer <= 1.4.5 - Authenticated (Admin+) External File Reading

Severity Score

4.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the plugin is to only access WordPress related files. This makes it possible for authenticated attackers, with administrator-level access, to read files outside of the WordPress instance.

El complemento Code Explorer para WordPress es vulnerable a la lectura arbitraria de archivos externos en todas las versiones hasta la 1.4.5 incluida. Esto se debe a que el complemento no restringe el acceso a los archivos a aquellos que se encuentran fuera de la instancia de WordPress, aunque la intención del complemento es acceder únicamente a los archivos relacionados con WordPress. Esto permite que atacantes autenticados, con acceso de nivel de administrador, lean archivos fuera de la instancia de WordPress.

*Credits: Dmitrii Ignatyev

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

Multiple

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-26 CVE Reserved
2024-10-29 CVE Published
2025-02-11 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-73: External Control of File Name or Path

CAPEC

References (2)

URL	Tag	Source
https://wordpress.org/plugins/code-explorer/#developers
https://www.wordfence.com/threat-intel/vulnerabilities/id/42ecc4e5-d660-472f-823d-a29b84cdf041?source=cve

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Qriouslad Search vendor "Qriouslad"		Code Explorer Search vendor "Qriouslad" for product "Code Explorer"				<= 1.4.5 Search vendor "Qriouslad" for product "Code Explorer" and version " <= 1.4.5"		en		Affected