CVE-2023-1597: tagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation
First published: Mon Jul 10 2023(Updated: )
The tagDiv Cloud Library WordPress plugin before 2.7 does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog.
Credit: contact@wpscan.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| tagDiv Cloud Library | <2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-1597.
What is the severity of CVE-2023-1597?
CVE-2023-1597 has a severity rating of 8.8, which is classified as high.
What is the affected software?
The affected software is the tagDiv Cloud Library WordPress plugin before version 2.7.
What can an unauthenticated user do with this vulnerability?
An unauthenticated user can change arbitrary user metadata, which could lead to privilege escalation.
Is there a fix for CVE-2023-1597?
Yes, updating the tagDiv Cloud Library WordPress plugin to version 2.7 or later fixes the vulnerability.
- agent/type
- agent/weakness
- agent/severity
- agent/title
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-latest
- collector/nvd-api
- agent/author
- agent/softwarecombine
- vendor/tagdiv
- canonical/tagdiv cloud library