CVE-2023-1888 — Improper Input Validation in Directorist

CWE-20 — Improper Input Validation5 documents5 sources

Severity

8.8HIGHNVD

EPSS

0.4%

top 40.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wpwax Directorist

Timeline

PublishedJun 9

Latest updateApr 10

Description

The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset the password of an arbitrary user and gain elevated (e.g., administrator) privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDwpwax/directorist7.5.4

🔴Vulnerability Details

VulDB

Directorist Plugin up to 7.5.4 on WordPress Password Reset input validation (ID 2920100)↗2026-04-10

▶

GHSA

GHSA-8w55-5xrc-rc8m: The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7↗2023-06-09

▶

CVEList

Directorist <= 7.5.4 - Authenticated (Subscriber+) Arbitrary User Password Reset to Privilege Escalation↗2023-06-09

▶