CVE-2023-1023
published 2023-02-28CVE-2023-1023: The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function…
PriorityP420medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.54%
41.2th percentile
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to change sitemap-related settings of the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomunited | wp_meta_seo | <= 4.5.3 | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-736c-6582-j82m: The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings
ghsa_unreviewed·2023-02-28
CVE-2023-1023 [MEDIUM] CWE-862 GHSA-736c-6582-j82m: The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to change sitemap-related settings of the plugin. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.
Red Hat
kernel: fs/ntfs3: NULL pointer dereference issue
vendor_redhat·2024-04-02·CVSS 5.5
CVE-2023-52631 [MEDIUM] CWE-476 kernel: fs/ntfs3: NULL pointer dereference issue
kernel: fs/ntfs3: NULL pointer dereference issue
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix an NULL dereference bug
The issue here is when this is called from ntfs_load_attr_list(). The
"size" comes from le32_to_cpu(attr->res.data_size) so it can't overflow
on a 64bit systems but on 32bit systems the "+ 1023" can overflow and
the result is zero. This means that the kmalloc will succeed by
returning the ZERO_SIZE_PTR and then the memcpy() will crash with an
Oops on the next line.
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Hat
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/changeset/2870465/wp-meta-seo/trunk?contextall=1&old=2869205&old_path=%2Fwp-meta-seo%2Ftrunk#file2https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2870465%40wp-meta-seo&new=2870465%40wp-meta-seo&sfp_email=&sfph_mail=https://www.wordfence.com/threat-intel/vulnerabilities/id/9d1e498a-ddcb-4c67-bf0d-bb45b6fe0e9d?source=cvehttps://plugins.trac.wordpress.org/changeset/2870465/wp-meta-seo/trunk?contextall=1&old=2869205&old_path=%2Fwp-meta-seo%2Ftrunk#file2https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2870465%40wp-meta-seo&new=2870465%40wp-meta-seo&sfp_email=&sfph_mail=https://www.wordfence.com/threat-intel/vulnerabilities/id/9d1e498a-ddcb-4c67-bf0d-bb45b6fe0e9d
2023-02-28
Published