CVE-2023-1888
Published: 2023-06-09
Priority: P3 53 · Severity: High · CVSS 3.1 base score: 8.8
CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.98% (57.9th percentile)
The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset the password of an arbitrary user and gain elevated (e.g., administrator) privileges.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpwax | directorist | <= 7.5.4 | — |
VulDB
Directorist Plugin up to 7.5.4 on WordPress Password Reset input validation (ID 2920100)
Source: vuldb · 2026-04-10 · CVSS 8.8 · HIGH
A vulnerability, which was classified as critical, has been found in Directorist Plugin up to 7.5.4 on WordPress. Affected by this issue is some unknown functionality of the component Password Reset Handler. This manipulation causes improper input validation.
The identification of this vulnerability is CVE-2023-1888. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
GHSA
GHSA-8w55-5xrc-rc8m
Source: ghsa_unreviewed · 2023-06-09 · HIGH · CWE-20
The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset the password of an arbitrary user and gain elevated (e.g., administrator) privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References:
- https://plugins.trac.wordpress.org/changeset/2920100/directorist
- https://www.wordfence.com/blog/2023/06/critical-security-update-directorist-wordpress-plugin-patches-two-high-risk-vulnerabilities/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/01943559-e05b-4dca-b322-d880b2729ee7?source=cve