
Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-26009 CVSS:9.8

Houzez Login Register plugin for WordPress could allow a remote attacker to gain elevated privileges on the system, caused by a security misconfiguration. By sending a specially crafted request to the endpoint that listens for account creation requests, an attacker could exploit this vulnerability to take complete control over the WordPress site.

CVE-2023-26540 CVSS:9.8

Houzez Theme plugin for WordPress could allow a remote attacker to gain elevated privileges on the system, caused by a security misconfiguration. By sending a specially crafted request to the endpoint that listens for account creation requests, an attacker could exploit this vulnerability to take complete control over the WordPress site.

CVE-2023-0585 CVSS:4.4

All in One SEO plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using multiple parameters to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-0586 CVSS:6.4

All in One SEO plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using multiple parameters to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-1029 CVSS:4.3

WP Meta SEO plugin for WordPress is vulnerable to cross-site request forgery, caused by missing or incorrect nonce validation on the regenerateSitemaps function. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to regenerate sitemaps. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
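As an added illustration (not WP Meta SEO's code; the handler, action and function names are hypothetical), the WordPress nonce and capability checks whose absence produces this class of CSRF, shown first as the weak pattern and then hardened:

```php
<?php
// Added example, not the plugin's code. Names prefixed "hypo_" are assumptions.
// Placeholder for the real work of rebuilding sitemaps.
function hypo_do_regenerate_sitemaps() {
    return true;
}

// --- Weak: the action runs for any request that reaches admin-ajax.php.
// A logged-in administrator lured to another site can be made to trigger
// it, because the browser sends the WordPress cookies automatically.
function hypo_regenerate_sitemaps_weak() {
    hypo_do_regenerate_sitemaps();
    wp_send_json_success( 'sitemaps regenerated' );
}
add_action( 'wp_ajax_hypo_regen_weak', 'hypo_regenerate_sitemaps_weak' );

// --- Hardened: the request must carry a nonce minted by this site for this
// action, and the user must hold the capability the operation warrants.
function hypo_regenerate_sitemaps_hardened() {
    // Dies with a -1 response when the 'nonce' field is missing or invalid;
    // 'hypo_regen' is the action string the nonce was created for.
    check_ajax_referer( 'hypo_regen', 'nonce' );

    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    hypo_do_regenerate_sitemaps();
    wp_send_json_success( 'sitemaps regenerated' );
}
add_action( 'wp_ajax_hypo_regen', 'hypo_regenerate_sitemaps_hardened' );

// The nonce is handed only to the plugin's own admin page script (assumed
// registered under the handle 'hypo-sitemap-admin'), which posts it back
// as the 'nonce' field. A third-party page cannot obtain it.
function hypo_enqueue_sitemap_admin_script() {
    wp_localize_script( 'hypo-sitemap-admin', 'hypoSitemap', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'hypo_regen' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'hypo_enqueue_sitemap_admin_script' );
```

Nonces in WordPress are tied to the user, the action string and a rolling time window, so a forged cross-site request that lacks the current value fails the `check_ajax_referer()` check before any sitemap work runs.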

CVE-2023-26326 CVSS:9.8

ThemeKraft BuddyForms plugin for WordPress could allow a remote attacker to execute arbitrary code on the system, caused by unsafe deserialization in the buddyforms_upload_image_from_url function. By sending specially crafted input using the “url” parameter, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

  • Privilege Escalation
  • Unauthorized Access
  • Cross-Site Scripting

Indicators Of Compromise

CVE

  • CVE-2023-26009
  • CVE-2023-26540
  • CVE-2023-0585
  • CVE-2023-0586
  • CVE-2023-1029
  • CVE-2023-26326

Affected Vendors

WordPress

Affected Products

  • Favethemes Houzez Login Register plugin for WordPress 2.6.3
  • Favethemes Houzez Theme plugin for WordPress 2.7.1
  • WordPress All in One SEO plugin for WordPress 4.1.5.1
  • WordPress All in One SEO plugin for WordPress 4.1.5.2
  • WordPress WP Meta SEO plugin for WordPress 4.4.5
  • WordPress WP Meta SEO plugin for WordPress 4.4.6
  • ThemeKraft BuddyForms plugin for WordPress 2.7.7

Remediation

Upgrade to the latest versions of the affected plugins for WordPress, available from the WordPress Plugin Directory.

  • Houzez Login Register Plugin
  • Houzez Theme for WordPress
  • All in One SEO Plugin
  • WP Meta SEO plugin
  • BuddyForms plugin