Vulnerability Description
The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata (via the function cstu_get_metadata) that includes the plugin's contentstudio_token. Knowing this token allows for other interactions with the plugin such as creating posts in versions prior to 1.2.5, which added other requirements to posting and updating.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Contentstudio | Contentstudio | < 1.2.6 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/contentstudio/tags/1.2.1/contentstudiExploitThird Party Advisory
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&newPatchThird Party Advisory
- https://www.wordfence.com/threat-intel/vulnerabilities/id/52db8d41-859a-4d68-8b8
- https://plugins.trac.wordpress.org/browser/contentstudio/tags/1.2.1/contentstudiExploitThird Party Advisory
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&newPatchThird Party Advisory
- https://www.wordfence.com/threat-intel/vulnerabilities/id/52db8d41-859a-4d68-8b8Third Party Advisory
FAQ
What is CVE-2023-0556?
CVE-2023-0556 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for ...
How severe is CVE-2023-0556?
CVE-2023-0556 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-0556?
Check the references section above for vendor advisories and patch information. Affected products include: Contentstudio Contentstudio.