CVE-2023-0557

Published: Jan 27, 2023Modified: Apr 8, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts.

Affected (1)

Products: Contentstudio: Contentstudio

Contentstudio

1 product

Contentstudio

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Contentstudio Contentstudio	Before 1.2.6

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L709

Source: security@wordfence.com

ExploitIssue TrackingThird Party Advisory

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2851006%40contentstudio%2Ftrunk&old=2844028%40contentstudio%2Ftrunk&sfp_email=&sfph_mail=

Source: security@wordfence.com

PatchThird Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/62eb136f-3cb0-40dc-a154-015a7fa1077b?source=cve

Source: security@wordfence.com

https://plugins.trac.wordpress.org/browser/contentstudio/trunk/contentstudio-plugin.php#L709

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2851006%40contentstudio%2Ftrunk&old=2844028%40contentstudio%2Ftrunk&sfp_email=&sfph_mail=

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/62eb136f-3cb0-40dc-a154-015a7fa1077b

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.