WordPress Plugin Vulnerabilities

WP Customer Reviews < 3.6.7 - Authenticated (Subscriber+) Sensitive Information Exposure

Description

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and trashed posts and pages in addition to other post types such as galleries.

Affects Plugins

Plugin icon
wp-customer-reviews
Fixed in 3.6.7

References

CVE
CVE-2023-4686
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/24b9984c-ec33-4492-815b-67a21ac4da0e

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Marco Wotschka
Verified
No
WPVDB ID
35c25336-1f1d-4985-812e-e742f9d7a563

Timeline

Publicly Published
2023-10-31 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-01-22 (about 2 years ago)

Other

Published
Title
Published
2025-06-12
Title
myCred < 2.9.4.3 - Missing Authorization
Published
2023-08-28
Title
WP Users Media <= 4.2.3 - Missing Authorization via wpusme_save_settings
Published
2025-07-28
Title
Brizy < 2.6.21 - Missing Authorization to Unauthenticated Limited File Upload
Published
2025-12-29
Title
weForms < 1.6.26 - Missing Authorization
Published
2023-09-14
Title
Essential Addons for Elementor < 5.8.9 - Authenticated (Contributor+) Privilege Escalation