CVE-2023-5359
Vulnerability from cvelistv5
Published
2024-09-24 07:30
Modified
2024-09-24 13:37
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.
References
security@wordfence.comhttps://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39Product
security@wordfence.comhttps://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.phpPatch
security@wordfence.comhttps://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cveThird Party Advisory
Impacted products
Vendor Product Version
boldgrid W3 Total Cache Version: *    2.7.5
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5359",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T13:17:08.548172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T13:37:04.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "W3 Total Cache",
          "vendor": "boldgrid",
          "versions": [
            {
              "lessThanOrEqual": "2.7.5",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ivan Kuzymchak"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-24T07:30:45.348Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-23T00:00:00.000+00:00",
          "value": "Disclosed"
        }
      ],
      "title": "W3 Total Cache \u003c= 2.7.5 - Sensitive Credentials Stored in Plaintext"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2023-5359",
    "datePublished": "2024-09-24T07:30:45.348Z",
    "dateReserved": "2023-10-03T13:24:45.256Z",
    "dateUpdated": "2024-09-24T13:37:04.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-5359\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2024-09-25T01:15:39.730\",\"lastModified\":\"2024-09-30T14:19:15.970\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.\"},{\"lang\":\"es\",\"value\":\"El complemento W3 Total Cache para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en versiones hasta la 2.7.5 incluida, a trav\u00e9s de secretos de la API de Google OAuth almacenados en texto plano en la fuente del complemento visible p\u00fablicamente. Esto puede permitir que atacantes no autenticados se hagan pasar por W3 Total Cache y obtengan acceso a la informaci\u00f3n de la cuenta del usuario en condiciones exitosas. Esto no afectar\u00eda al sitio de los usuarios de WordPress de ninguna manera.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-312\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"2.7.6\",\"matchCriteriaId\":\"E67A0E45-1E2E-4ECA-8B03-AB56A64CA1A5\"}]}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39\",\"source\":\"security@wordfence.com\",\"tags\":[\"Product\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php\",\"source\":\"security@wordfence.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve\",\"source\":\"security@wordfence.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5359\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-24T13:17:08.548172Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-24T13:36:59.913Z\"}}], \"cna\": {\"title\": \"W3 Total Cache \u003c= 2.7.5 - Sensitive Credentials Stored in Plaintext\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Ivan Kuzymchak\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"boldgrid\", \"product\": \"W3 Total Cache\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.7.5\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-09-23T00:00:00.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2024-09-24T07:30:45.348Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-5359\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-24T13:37:04.524Z\", \"dateReserved\": \"2023-10-03T13:24:45.256Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2024-09-24T07:30:45.348Z\", \"assignerShortName\": \"Wordfence\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.