CVE-2023-2916

moderate-risk
Published 2023-08-15

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges.

Do I need to act?

!
29.5% chance of exploitation in next 30 days
EPSS score — higher than 70% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / HIGH complexity

Affected Products (1)

Affected Vendors

Revmakx

References (6)

Exploit https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php...
Patch https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4
Exploit https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e4...
Exploit https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php...
Patch https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4
Exploit https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e4...
42
/ 100
moderate-risk
Severity 22/34 · High
Exploitability 15/34 · Moderate
Exposure 5/34 · Minimal