How severe is CVE-2023-1910?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2023-1910?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-1910 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to flush the remote template cache. Cached template information can also be accessed via this endpoint but these are not considered sensitive as they are publicly accessible from the developer's site.

Related Vulnerabilities

CVE-2011-4820

MEDIUM

CVSS:4.3(Medium)

IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences.

NVD-CWE-Other2011

CVE-2015-1971

MEDIUM

CVSS:4.3(Medium)

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manag...

NVD-CWE-Other2015

CVE-2015-6479

MEDIUM

CVSS:4.3(Medium)

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover poten...

NVD-CWE-Other2015

CVE-2016-0162

MEDIUM

CVSS:4.3(Medium)

Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

NVD-CWE-Other2016

CVE-2016-11050

MEDIUM

CVSS:4.3(Medium)

An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016...

NVD-CWE-Other2016

CVE-2016-3422

MEDIUM

CVSS:4.3(Medium)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

NVD-CWE-Other2016