CVE-2023-1888 HIGH

CVE-2023-1888: Directorist <= 7.5.4 - Authenticated (Subscriber+) Arbitrary User Password Reset to Privilege Escalation

Vendor Wpwax

Product Directorist: AI-Powered Business Directory, Listings & Classified Ads

Weakness CWE-20 · Input validation

Published June 9, 2023

Last update April 8, 2026

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset the password of an arbitrary user and gain elevated (e.g., administrator) privileges.

Key dates

02Disclosure timeline

June 9, 2023 CVE published

April 8, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1888

Related vulnerabilities

Identifiers

CVE CVE-2023-1888

CWE CWE-20

CVSS 8.8 / HIGH

Affected versions