CVE-2023-40670

Published Dec 13, 2024

Last updated 5 months ago

CVSS medium 4.3

Overview

Description
Missing Authorization vulnerability in ReviewX Team ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.17.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Severity
MEDIUM

Weaknesses

audit@patchstack.com
CWE-862

Social media

Hype score
Not currently trending

  1. ๐Ÿšจ CVE-2023-40670 (Published: 2024-12-13) - A broken access control vulnerability in WordPress ReviewX Plugin v1.6.17. Users are urged to update to the latest version to mitigate risks. For detailed remediation steps, visit: https://t.co/zYz5wXCOIg #WordPress #Security

    @transilienceai

    17 Dec 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ๐Ÿšจ CVE-2023-40670 (Published: 2024-12-13) - A broken access control vulnerability in the ReviewX plugin (v1.6.17) for WordPress has been identified. Users are urged to update to the latest version to mitigate risks. More info: https://t.co/zYz5wXCOIg #WordPress #Security

    @transilienceai

    16 Dec 2024

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ๐Ÿ”’ CVE-2023-40670 (Published: 2024-12-13) - A broken access control vulnerability in the ReviewX plugin (v1.6.17) for WordPress. ๐Ÿšจ Ensure your site is secure by updating to the latest version. For more details, visit: https://t.co/zYz5wXCOIg #WordPress #Security

    @transilienceai

    16 Dec 2024

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2023-40670 (Published: 2024-12-13) affects the ReviewX plugin (v1.6.17) for WordPress, exposing a broken access control vulnerability. Users are advised to update to the latest version to mitigate risks. Stay secure! More info: https://t.co/zYz5wXCOIg #WordPress #Security

    @transilienceai

    16 Dec 2024

    17 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2023-40670 Missing Authorization vulnerability in ReviewX Team ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from nโ€ฆ https://t.co/N8CFSlaelk

    @CVEnew

    14 Dec 2024

    370 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.