CVE-2023-47840 — AI Deep Analysis Summary

🚨 **Essence**: Qode Essential Addons (WP Plugin) has a **Missing Authorization** flaw. <br>💥 **Consequences**: Attackers can install/activate **arbitrary plugins**.…

🛡️ **Root Cause**: **CWE-94** (Code Injection) via **Missing Capability Check**. <br>🔍 **Flaw**: The `install_plugin()` function lacks proper permission verification.…

📦 **Affected**: WordPress Plugin **Qode Essential Addons**. <br>📅 **Versions**: All versions **up to and including 1.5.2**. <br>🏢 **Vendor**: Qode Interactive. 📌

🕵️ **Attacker Action**: Install & Activate **Any Plugin**. <br>🔑 **Privileges**: Requires **Subscriber+** access (lowest WP role). <br>💾 **Impact**: Can execute arbitrary code, steal DB, or deface site. 🚫

🔓 **Threshold**: **LOW**. <br>👤 **Auth**: Needs **Authenticated** access (Subscriber role is easy to get). <br>⚙️ **Config**: No special config needed. Just valid login credentials. 🚶‍♂️

💻 **Exploit**: **YES**. <br>📂 **PoC**: Public on GitHub (RandomRobbieBF). <br>🌐 **Status**: Proof of Concept available. Wild exploitation likely for low-privilege accounts. 📥

🔍 **Self-Check**: Scan for **Qode Essential Addons** version. <br>📊 **Check**: Is version **≤ 1.5.2**? <br>👀 **Monitor**: Look for unauthorized plugin installations in WP logs. 📝

🩹 **Fix**: Update Plugin to **> 1.5.2**. <br>📢 **Status**: Vendor released patch. <br>✅ **Action**: Immediate upgrade recommended. 🚀

🛑 **No Patch?**: **Disable** the plugin immediately. <br>🔒 **Mitigation**: Restrict Subscriber privileges. <br>🚫 **Block**: Prevent non-admins from accessing plugin install endpoints. 🧱

🔥 **Urgency**: **HIGH**. <br>⚡ **Priority**: Fix ASAP. <br>📉 **Risk**: Low bar to entry (Subscriber) + High impact (Code Exec). Don't wait! ⏳