CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2351

The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_admin' function in versions up to, and including, 1.2.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to delete or change plugin settings, import demo data, delete Directory Kit related posts and terms, and install arbitrary plugins. A partial patch was introduced in version 1.2.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.7%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-2351

Wpdirectorykit » Wp Directory Kit » Version: N/A

cpe:2.3:a:wpdirectorykit:wp_directory_kit:-
Wpdirectorykit » Wp Directory Kit » Version: 1.0.0

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.0
Wpdirectorykit » Wp Directory Kit » Version: 1.0.1

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.1
Wpdirectorykit » Wp Directory Kit » Version: 1.0.2

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.2
Wpdirectorykit » Wp Directory Kit » Version: 1.0.3

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.3
Wpdirectorykit » Wp Directory Kit » Version: 1.0.4

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.4
Wpdirectorykit » Wp Directory Kit » Version: 1.0.5

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.5
Wpdirectorykit » Wp Directory Kit » Version: 1.0.6

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.6
Wpdirectorykit » Wp Directory Kit » Version: 1.0.7

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.7
Wpdirectorykit » Wp Directory Kit » Version: 1.0.9

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.0.9
Wpdirectorykit » Wp Directory Kit » Version: 1.1.0

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.0
Wpdirectorykit » Wp Directory Kit » Version: 1.1.1

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.1
Wpdirectorykit » Wp Directory Kit » Version: 1.1.2

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.2
Wpdirectorykit » Wp Directory Kit » Version: 1.1.3

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.3
Wpdirectorykit » Wp Directory Kit » Version: 1.1.4

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.4
Wpdirectorykit » Wp Directory Kit » Version: 1.1.7

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.7
Wpdirectorykit » Wp Directory Kit » Version: 1.1.8

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.8
Wpdirectorykit » Wp Directory Kit » Version: 1.1.9

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.1.9
Wpdirectorykit » Wp Directory Kit » Version: 1.2.0

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.2.0
Wpdirectorykit » Wp Directory Kit » Version: 1.2.1

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.2.1
Wpdirectorykit » Wp Directory Kit » Version: 1.2.2

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.2.2
Wpdirectorykit » Wp Directory Kit » Version: 1.2.3

cpe:2.3:a:wpdirectorykit:wp_directory_kit:1.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2351

Products

Pricing

Contact Us