CVE-2023-39920

Published Dec 13, 2024

Last updated 5 months ago

CVSS high 7.5

Overview

Description
Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through 2.9.2.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-862

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2023-39920 (Published: 2024-12-13) - A high-severity vulnerability in WordPress plugin "Contact Form 7 Redirection" (version 2.9.2) has been identified. This broken access control issue can be exploited. 🔒 Remediation: Update to the latest version immediately! More info:…

    @transilienceai

    17 Dec 2024

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2023-39920 (Published: 2024-12-13) - A high-severity vulnerability in WordPress plugin "Redirection for Contact Form 7" (version 2.9.2) allows broken access control. 🛠️ Remediation: Update to the latest version to secure your site! More info: https://t.co/Fo9pUYMgGu… http

    @transilienceai

    16 Dec 2024

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2023-39920 (Published: 2024-12-13) - A high-severity vulnerability in WordPress plugin "Contact Form 7 Redirection" (versions ≤ 2.9.2) allows broken access control. 🚨 Remediation: Update to the latest version to secure your site! More info: https://t.co/Fo9pUYMgGu… https://t

    @transilienceai

    16 Dec 2024

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2023-39920 Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff… https://t.co/VlSBVRacKx

    @CVEnew

    14 Dec 2024

    482 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2023-39920 (Published: 2024-12-13) - A high-severity vulnerability in the WordPress plugin "Redirection for Contact Form 7" (version 2.9.2) has been identified. This broken access control issue could be exploited. 🔒 Update to the latest version to mitigate risks! More… ht

    @transilienceai

    14 Dec 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.