CVE-2023-23730 - OpenCVE

Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-captcha-bypass-vulnerability?_s_id=cve

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-06-03T21:24:35.797Z

Updated: 2024-06-03T21:24:35.797Z

Reserved: 2023-01-17T15:49:23.462Z

Link: CVE-2023-23730

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-06-03T22:15:08.840

Modified: 2024-06-04T16:57:41.057

Link: CVE-2023-23730

JSON object: View

Redhat Information

No data.

CWE

CWE-307

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23730", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2023-01-17T15:49:23.462Z", "datePublished": "2024-06-03T21:24:35.797Z", "dateUpdated": "2024-06-03T21:24:35.797Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "ultimate-addons-for-gutenberg", "product": "Spectra", "vendor": "Brainstorm Force", "versions": [{"changes": [{"at": "2.3.1", "status": "unaffected"}], "lessThanOrEqual": "2.3.0", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Dave Jong (Patchstack)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.<p>This issue affects Spectra: from n/a through 2.3.0.</p>"}], "value": "Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0."}], "impacts": [{"capecId": "CAPEC-554", "descriptions": [{"lang": "en", "value": "CAPEC-554 Functionality Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-307", "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2024-06-03T21:24:35.797Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-captcha-bypass-vulnerability?_s_id=cve"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to 2.3.1 or a higher version."}], "value": "Update to 2.3.1 or a higher version."}], "source": {"discovery": "EXTERNAL"}, "title": "WordPress Spectra \u2013 WordPress Gutenberg Blocks plugin <= 2.3.0 - Captcha Bypass Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}