CVE-2023-1597

EUVD-2023-23829
The tagDiv Cloud Library WordPress plugin before 2.7 does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
tagdivcloud_library
𝑥
< 2.7
𝑥
= Vulnerable software versions
References
https://wpscan.com/vulnerability/4eafe111-8874-4560-83ff-394abe7a803b
https://wpscan.com/vulnerability/4eafe111-8874-4560-83ff-394abe7a803b