CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5843

The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfads_ajax_load_ads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot be specified arbitrarily.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.088

EPSS Ranking 92.1%

CVSS Severity

CVSS v3 Score 9.0

References

Products affected by CVE-2023-5843

Datafeedr » Ads By Datafeedr.com » Version: 1.0.10

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.10
Datafeedr » Ads By Datafeedr.com » Version: 1.0.11

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.11
Datafeedr » Ads By Datafeedr.com » Version: 1.0.12

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.12
Datafeedr » Ads By Datafeedr.com » Version: 1.0.13

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.13
Datafeedr » Ads By Datafeedr.com » Version: 1.0.14

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.14
Datafeedr » Ads By Datafeedr.com » Version: 1.0.15

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.15
Datafeedr » Ads By Datafeedr.com » Version: 1.0.16

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.16
Datafeedr » Ads By Datafeedr.com » Version: 1.0.8

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.8
Datafeedr » Ads By Datafeedr.com » Version: 1.0.9

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.0.9
Datafeedr » Ads By Datafeedr.com » Version: 1.1.0

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.1.0
Datafeedr » Ads By Datafeedr.com » Version: 1.1.1

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.1.1
Datafeedr » Ads By Datafeedr.com » Version: 1.1.2

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.1.2
Datafeedr » Ads By Datafeedr.com » Version: 1.1.3

cpe:2.3:a:datafeedr:ads_by_datafeedr.com:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5843

Products

Pricing

Contact Us