CVE-2023-6875

Description

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-6875
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

wordfence
CVE ID: CVE-2023-6875
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

Proof Of Concept

Nuclei Templates for CVE-2023-6875

Refrence: Project Discovery GitHub

UlyssesSaicha

CVE-2023-6875 PoC

Refrence: GitHub

gbrsh

Exploit for CVE-2023-6875 - Unauthorized Account Takeover.

Refrence: GitHub

hatlesswizard

CVE-2023-6875 exploit written for Xakep.Ru

Refrence: GitHub

Refrence: NVD MITRE

Description​

Proof Of Concept​

Description

Proof Of Concept