HomePentest-Tools.com Logo

Essential Blocks < 4.4.3 - Local File Inclusion CVE-2023-6623

Severity
CVSSv3 Score
9.8
Vulnerability description

Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site.\n

Risk description

The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from arbitrary files located on the file system of the server.

Recommendation

Upgrade to the latest version of Essential Blocks 4.4.3 to fix this issue.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Jan 15, 2024
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available