CVE-2023-0443 — MEDIUM (5.3)

Q: How severe is CVE-2023-0443?

CVE-2023-0443 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-0443?

Check the references section above for vendor advisories and patch information. Affected products include: Wpvibes Anywhere Elementor.

Vulnerability Description

The AnyWhere Elementor WordPress plugin before 1.2.8 discloses a Freemius Secret Key which could be used by an attacker to purchase the pro subscription using test credit card numbers without actually paying the amount. Such key has been revoked.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Wpvibes	Anywhere Elementor	< 1.2.8

References

FAQ

What is CVE-2023-0443?

CVE-2023-0443 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The AnyWhere Elementor WordPress plugin before 1.2.8 discloses a Freemius Secret Key which could be used by an attacker to purchase the pro subscription using test credit card numbers without actually...

How severe is CVE-2023-0443?

CVE-2023-0443 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-0443?

Check the references section above for vendor advisories and patch information. Affected products include: Wpvibes Anywhere Elementor.