Vulnerability Description
Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX action in various versions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to install select plugins from Inisev on vulnerable sites. CVE-2023-38514 appears to be a duplicate of this vulnerability.
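The weakness described above, as an added illustrative example that is not the Inisev plugins' own code: a hypothetical AJAX handler for the inisev_installation action, first without a capability check and then with the checks a plugin installer needs. The action and function names come from the description; the handler bodies, the slug parameter and the nonce name are assumptions.

```php
<?php
// Added illustrative example, not the Inisev plugins' actual code.
// Any logged-in user can reach wp-admin/admin-ajax.php with
// action=inisev_installation, because the wp_ajax_{action} hook fires
// for every authenticated role, not just administrators.

// Variant A (the advisory's weakness): no capability check at all.
// A subscriber reaches the install logic as easily as an administrator.
function handle_installation_unchecked() {
    $slug = isset( $_POST['slug'] ) ? sanitize_key( $_POST['slug'] ) : '';
    // ... install the plugin identified by $slug (assumed body) ...
    wp_send_json_success( array( 'installed' => $slug ) );
}

// Variant B (hardened): require the capability WordPress core itself
// demands for plugin installation, and verify a nonce against forgery.
function handle_installation_checked() {
    // Fail closed for anyone lacking install_plugins (by default only
    // administrators on single sites and super admins on multisite).
    // wp_send_json_error() calls wp_die(), so execution stops here.
    if ( ! current_user_can( 'install_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }
    // Nonce action name 'inisev_installation' is an assumption for this example.
    check_ajax_referer( 'inisev_installation', 'nonce' );

    $slug = isset( $_POST['slug'] ) ? sanitize_key( $_POST['slug'] ) : '';
    if ( '' === $slug ) {
        wp_send_json_error( array( 'message' => 'Missing plugin slug.' ), 400 );
    }
    // ... install the plugin identified by $slug (assumed body) ...
    wp_send_json_success( array( 'installed' => $slug ) );
}

// The fix lives entirely in the handler; the hook registration is unchanged.
add_action( 'wp_ajax_inisev_installation', 'handle_installation_checked' );
```

Defensively, the capability check is the one that closes this class of bug; the nonce check only blocks cross-site forgery and does nothing against a low-privilege user who is already logged in.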
CVSS Score
4.3 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Backupbliss | Backup Migration | < 1.2.8 |
| Backupbliss | Clone | < 2.3.8 |
| Copy-Delete-Posts | Duplicate Post | < 1.4.0 |
| Inisev | Enhanced Text Widget | < 1.5.8 |
| Inisev | Redirection | < 1.1.4 |
| Inisev | Rss Redirect & Feedburner Alternative | < 3.8 |
| Inisev | Ssl Mixed Content Fix | < 3.2.4 |
| Inisev | Ultimate Posts Widget | < 2.2.5 |
| Mypopups | Pop-Up | < 1.2.0 |
| Socialshare | Social Share Icons & Social Share Buttons | < 3.5.8 |
| Ultimatelysocial | Social Media Share Buttons & Social Sharing Icons | < 2.8.2 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banProduct
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banProduct
- https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/mProduct
- https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/mProduct
- https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banneProduct
- https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.7/banneProduct
- https://plugins.trac.wordpress.org/browser/feedburner-alternative-and-rss-redireProduct
- https://plugins.trac.wordpress.org/browser/http-https-remover/tags/3.2.3/banner/Product
- https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.1.9/modules/bannProduct
- https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.2.0/modules/bannProduct
- https://plugins.trac.wordpress.org/browser/redirect-redirection/tags/1.1.3/incluProduct
- https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.4/bannProduct
- https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.5/bannProduct
- https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.Product
- https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.Product
FAQ
What is CVE-2023-0958?
CVE-2023-0958 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_insta...
How severe is CVE-2023-0958?
CVE-2023-0958 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-0958?
Check the references section above for vendor advisories and patch information. Affected products include: Backupbliss Backup Migration, Backupbliss Clone, Copy-Delete-Posts Duplicate Post, Inisev Enhanced Text Widget, Inisev Redirection.