High severity8.1NVD Advisory· Published Jun 20, 2023· Updated Apr 8, 2026

CVE-2023-3325

Description

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the '_cmsc_public_key' in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.

Affected products

Cmscommander/Cms Commander
cpe:2.3:a:cmscommander:cms_commander:*:*:*:*:*:wordpress:*:*
Range: <=2.287

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

plugins.trac.wordpress.org/changeset/2927811/cms-commander-clientnvdPatch
www.wordfence.com/threat-intel/vulnerabilities/id/ca37d453-9f9a-46b2-a17f-65a16e3e2ed1nvdPatchThird Party Advisory
plugins.trac.wordpress.org/browser/cms-commander-client/tags/2.287/init.phpnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000