CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5314

The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register() function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to send emails with arbitrary content to arbitrary locations from the affected site's mail server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.7%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-5314

Wpvnteam » Wp Extra » Version: 2.0

cpe:2.3:a:wpvnteam:wp_extra:2.0
Wpvnteam » Wp Extra » Version: 2.1

cpe:2.3:a:wpvnteam:wp_extra:2.1
Wpvnteam » Wp Extra » Version: 2.2

cpe:2.3:a:wpvnteam:wp_extra:2.2
Wpvnteam » Wp Extra » Version: 3.0

cpe:2.3:a:wpvnteam:wp_extra:3.0
Wpvnteam » Wp Extra » Version: 3.1

cpe:2.3:a:wpvnteam:wp_extra:3.1
Wpvnteam » Wp Extra » Version: 3.2

cpe:2.3:a:wpvnteam:wp_extra:3.2
Wpvnteam » Wp Extra » Version: 3.3

cpe:2.3:a:wpvnteam:wp_extra:3.3
Wpvnteam » Wp Extra » Version: 3.4

cpe:2.3:a:wpvnteam:wp_extra:3.4
Wpvnteam » Wp Extra » Version: 3.5

cpe:2.3:a:wpvnteam:wp_extra:3.5
Wpvnteam » Wp Extra » Version: 3.6

cpe:2.3:a:wpvnteam:wp_extra:3.6
Wpvnteam » Wp Extra » Version: 3.7

cpe:2.3:a:wpvnteam:wp_extra:3.7
Wpvnteam » Wp Extra » Version: 3.8

cpe:2.3:a:wpvnteam:wp_extra:3.8
Wpvnteam » Wp Extra » Version: 4.0

cpe:2.3:a:wpvnteam:wp_extra:4.0
Wpvnteam » Wp Extra » Version: 4.1

cpe:2.3:a:wpvnteam:wp_extra:4.1
Wpvnteam » Wp Extra » Version: 5.1

cpe:2.3:a:wpvnteam:wp_extra:5.1
Wpvnteam » Wp Extra » Version: 5.2

cpe:2.3:a:wpvnteam:wp_extra:5.2
Wpvnteam » Wp Extra » Version: 5.9

cpe:2.3:a:wpvnteam:wp_extra:5.9
Wpvnteam » Wp Extra » Version: 6.0

cpe:2.3:a:wpvnteam:wp_extra:6.0
Wpvnteam » Wp Extra » Version: 6.1

cpe:2.3:a:wpvnteam:wp_extra:6.1
Wpvnteam » Wp Extra » Version: 6.2

cpe:2.3:a:wpvnteam:wp_extra:6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5314

Products

Pricing

Contact Us