CVE-2023-3325 HIGH

CVE-2023-3325: CMS Commander <= 2.287 - Authorization Bypass through Use of Insufficiently Unique Cryptographic Signature

Vendor Thoefter
Product CMS Commander – Manage Multiple Sites
Weakness CWE-345
Published June 20, 2023
Last update April 8, 2026

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the '_cmsc_public_key' in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.

Key dates

02Disclosure timeline

June 20, 2023 CVE published
April 8, 2026 Record updated