CVE-2023-3204

MEDIUM

Materialis <= 1.1.24 - Authenticated Arbitrary Options Update via companion_disable_popup AJAX Action

Title source: llm
STIX 2.1

Description

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companion_disable_popup() function called via an AJAX action. This makes it possible for authenticated attackers, with minimal permissions such as subscribers, to modify any option on the site to a numerical value.

Scores

CVSS v3 6.5
EPSS 0.0037
EPSS Percentile 28.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (2)
extendthemes/Materialis < 1.1.24
extendthemes/materialis < 1.1.30
Published Jun 20, 2024
Tracked Since Feb 18, 2026