← back
CVE-2023-0441

Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update

CVSS 8.1 HIGHEPSS 0.7%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Mar 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enable registration with a default administrator user role.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N