The AnyWhere Elementor WordPress plugin before 1.2.8 discloses a Freemius Secret Key which could be used by an attacker to purchase the pro subscription using test credit card numbers without actually paying the amount. Such key has been revoked.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/471f3226-8f90-43d1-b826-f11ef4bbd602 | Exploit |
Configurations
History
07 Nov 2023, 04:00
Type | Values Removed | Values Added |
---|---|---|
CWE |
05 Jun 2023, 14:29
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | (MISC) https://wpscan.com/vulnerability/471f3226-8f90-43d1-b826-f11ef4bbd602 - Exploit | |
CPE | cpe:2.3:a:wpvibes:anywhere_elementor:*:*:*:*:*:wordpress:*:* | |
First Time |
Wpvibes
Wpvibes anywhere Elementor |
30 May 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-30 08:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-0443
Mitre link : CVE-2023-0443
CVE.ORG link : CVE-2023-0443
JSON object : View
Products Affected
wpvibes
- anywhere_elementor
CWE
No CWE.