WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability
CVE-2023-46145

8.8HIGH

Key Information:

Vendor: WordPress
Status: Themify Ultra
Vendor: CVE Published:; 17 May 2024

Summary

An improper privilege management vulnerability in Themify Ultra enables unauthorized privilege escalation, potentially allowing attackers to gain elevated access to the system. This issue affects all versions of Themify Ultra from n/a up to version 7.3.5. Users of the affected product should take immediate precautions to mitigate risks associated with this vulnerability.

Affected Version(s)

Themify Ultra <= 7.3.5

References

https://patchstack.com/database/vulnerability/themify-ult...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2024
Vulnerability Reserved
Oct 17, 2023

Credit

Rafie Muhammad (Patchstack)