Vulnerabilities > CVE-2023-4374 - Unspecified vulnerability in Froger WP Remote Users Sync

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

froger

NVD

Published: 2023-08-16

Updated: 2024-11-21

Summary

The WP Remote Users Sync plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'refresh_logs_async' functions in versions up to, and including, 1.2.11. This makes it possible for authenticated attackers with subscriber privileges or above, to view logs.

Vulnerable Configurations

Part	Description	Count
Application	Froger Froger WP Remote Users Sync - Froger WP Remote Users Sync 1.0 Froger WP Remote Users Sync 1.0.1 Froger WP Remote Users Sync 1.0.2 Froger WP Remote Users Sync 1.0.3 Froger WP Remote Users Sync 1.1 Froger WP Remote Users Sync 1.1.1 Froger WP Remote Users Sync 1.1.2 Froger WP Remote Users Sync 1.1.3 Froger WP Remote Users Sync 1.1.4 Froger WP Remote Users Sync 1.1.5 Froger WP Remote Users Sync 1.1.6 Froger WP Remote Users Sync 1.1.7 Froger WP Remote Users Sync 1.1.8 Froger WP Remote Users Sync 1.1.9 Froger WP Remote Users Sync 1.1.10 Froger WP Remote Users Sync 1.1.11 Froger WP Remote Users Sync 1.1.12 Froger WP Remote Users Sync 1.2 Froger WP Remote Users Sync 1.2.1 Froger WP Remote Users Sync 1.2.2 Froger WP Remote Users Sync 1.2.3 Froger WP Remote Users Sync 1.2.4 Froger WP Remote Users Sync 1.2.5 Froger WP Remote Users Sync 1.2.6 Froger WP Remote Users Sync 1.2.7 Froger WP Remote Users Sync 1.2.8 Froger WP Remote Users Sync 1.2.9 Froger WP Remote Users Sync 1.2.11	29

Summary

Vulnerable Configurations

References