Security Advisory

CVE-2023-4374

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-16 04:36:01

Last updated 2026-04-08 16:44:26

Assigner Wordfence

State PUBLISHED

Description

The WP Remote Users Sync plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the refresh_logs_async functions in versions up to, and including, 1.2.11. This makes it possible for authenticated attackers with subscriber privileges or above, to view logs.

← Browse all CVEs View on cve.org ↗