CVE-2023-4686 - Vulnerability Details - OpenCVE

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and trashed posts and pages in addition to other post types such as galleries.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Bompus	Wp Customer Reviews
Gowebsolutions	Wp Customer Reviews

Configuration 1 [-]

cpe:2.3:a:gowebsolutions:wp_customer_reviews:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866
https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk
https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve

History

Tue, 10 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Bompus Bompus wp Customer Reviews
CPEs		cpe:2.3:a:bompus:wp_customer_reviews:3.6.6:::::::*
Vendors & Products		Bompus Bompus wp Customer Reviews
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-11-22T15:33:22.031Z

Updated: 2025-06-10T13:35:20.235Z

Reserved: 2023-08-31T17:55:27.619Z

Link: CVE-2023-4686

Vulnrichment

Updated: 2024-08-02T07:31:06.584Z

NVD

Status : Modified

Published: 2023-11-22T16:15:09.823

Modified: 2024-11-21T08:35:41.120

Link: CVE-2023-4686

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4686", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-08-31T17:55:27.619Z", "datePublished": "2023-11-22T15:33:22.031Z", "dateUpdated": "2025-06-10T13:35:20.235Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-11-22T15:33:22.031Z"}, "affected": [{"vendor": "bompus", "product": "WP Customer Reviews", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "3.6.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and trashed posts and pages in addition to other post types such as galleries."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866"}, {"url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Marco Wotschka"}], "timeline": [{"time": "2023-08-31T00:00:00.000+00:00", "lang": "en", "value": "Discovered"}, {"time": "2023-10-31T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"affected": [{"vendor": "bompus", "product": "wp_customer_reviews", "cpes": ["cpe:2.3:a:bompus:wp_customer_reviews:3.6.6:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.6.6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-10T13:33:40.957822Z", "id": "CVE-2023-4686", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-10T13:35:20.235Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:31:06.584Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:31:06.584Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4686", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-10T13:33:40.957822Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:bompus:wp_customer_reviews:3.6.6:*:*:*:*:*:*:*"], "vendor": "bompus", "product": "wp_customer_reviews", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "3.6.6"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T15:58:46.280Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Marco Wotschka"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "bompus", "product": "WP Customer Reviews", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.6.6"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2023-08-31T00:00:00.000+00:00", "value": "Discovered"}, {"lang": "en", "time": "2023-10-31T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866"}, {"url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk"}], "descriptions": [{"lang": "en", "value": "The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and trashed posts and pages in addition to other post types such as galleries."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-11-22T15:33:22.031Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4686", "state": "PUBLISHED", "dateUpdated": "2025-06-10T13:35:20.235Z", "dateReserved": "2023-08-31T17:55:27.619Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2023-11-22T15:33:22.031Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gowebsolutions:wp_customer_reviews:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "B038FF72-049E-4DEB-999C-7033549EF126", "versionEndIncluding": "3.6.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and trashed posts and pages in addition to other post types such as galleries."}, {"lang": "es", "value": "El complemento WP Customer Reviews para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en versiones hasta la 3.6.6 incluida a trav\u00e9s de la funci\u00f3n ajax_enabled_posts. Esto puede permitir a atacantes autenticados extraer datos confidenciales, como t\u00edtulos de publicaciones y slugs, incluidos aquellos de publicaciones y p\u00e1ginas protegidas y eliminadas, adem\u00e1s de otros tipos de publicaciones, como galer\u00edas."}], "id": "CVE-2023-4686", "lastModified": "2024-11-21T08:35:41.120", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-11-22T16:15:09.823", "references": [{"source": "[email protected]", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866"}, {"source": "[email protected]", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wp-customer-reviews/trunk/include/admin/wp-customer-reviews-3-admin.php?rev=2617376#L866"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2965656/wp-customer-reviews/trunk?contextall=1&old=2882143&old_path=%2Fwp-customer-reviews%2Ftrunk"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e?source=cve"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}