CVE-2023-5611

Seraphinite Accelerator < 2.20.32 - Unauthorised Settings Reset/Import

EPSS 0.3%

The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them

Affected products

Unknown · Seraphinite Accelerator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/8cb8a5e9-2ab6-4d9b-9ffc-ef530e346f8d