CVE-2023-3325— WordPress Plugin CMS Commander 安全特征问题漏洞

CMS Commander <= 2.287 - Authorization Bypass through Use of Insufficiently Unique Cryptographic Signature

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the '_cmsc_public_key' in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

对数据真实性的验证不充分

WordPress Plugin CMS Commander 安全特征问题漏洞

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin CMS Commander 2.287及之前版本存在安全特征问题漏洞，该漏洞源于cmsc_add_site函数上使用了不唯一的加密签名，使未经身份验证的插件攻击者可以更改插件配置中的_cmsc_public_key，从而提供对

N/A

N/A