CVE-2023-49822
Description
The Ultimate Dashboard plugin for WordPress fails to properly restrict access to its admin functions, potentially exposing sensitive settings to unauthorized users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Ultimate Dashboard plugin for WordPress (all versions up to and including 3.7.10) contains an Exposure of Sensitive Information vulnerability coupled with Accessing Functionality Not Properly Constrained by ACLs. The plugin does not adequately verify the calling user's permissions (in WordPress terms, a capability check) before serving certain administrative features, so a user who should not see them can read sensitive plugin configuration data.
Exploitation
The attacker needs an authenticated session on the WordPress site, which the narrative puts at subscriber level or above, because the affected functions live in the admin area. No further privileges and no user interaction beyond that valid session are required. The attacker requests the plugin settings pages or functions that should be limited to higher-privilege roles and receives the sensitive information in the response.
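The pattern described above, as an added illustration of the vulnerability class rather than code from the Ultimate Dashboard plugin: a WordPress admin function reachable by any logged-in user, beside its hardened form. The `wp_ajax_*` hook only requires that the caller be logged in, so without an explicit capability check a Subscriber can request the settings payload from `admin-ajax.php`. The hook names, option name, nonce action and menu slug are assumptions chosen for the example and do not correspond to the plugin's real identifiers.

```php
<?php
// Added example, not the plugin's own code. Hook names, the option name
// 'udb_example_settings', the nonce action and the menu slug are assumed.

// --- Vulnerable pattern -------------------------------------------------
// wp_ajax_* handlers run for ANY authenticated user. Nothing here checks
// what the caller is allowed to do, so a Subscriber can POST
// action=udb_example_get_settings to /wp-admin/admin-ajax.php and read
// the option contents.
function udb_example_get_settings_vulnerable() {
    $settings = get_option( 'udb_example_settings', array() ); // assumed option name
    wp_send_json_success( $settings );
}
add_action( 'wp_ajax_udb_example_get_settings', 'udb_example_get_settings_vulnerable' );

// --- Hardened pattern ---------------------------------------------------
// 1. Capability check: only users who may manage site options get the data.
// 2. Nonce check: the request must come from the plugin's own admin UI.
// Both checks run before any option is read.
function udb_example_get_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions' ), 403 );
    }
    check_ajax_referer( 'udb_example_settings_nonce', 'nonce' ); // assumed nonce action

    $settings = get_option( 'udb_example_settings', array() );
    wp_send_json_success( $settings );
}
add_action( 'wp_ajax_udb_example_get_settings_hardened', 'udb_example_get_settings_hardened' );

// Menu registration: the capability passed to add_options_page() gates the
// menu entry and page callback only. It does not protect AJAX handlers or
// other entry points; each of those needs its own current_user_can() check.
function udb_example_register_menu() {
    add_options_page(
        'Example Settings',
        'Example Settings',
        'manage_options',
        'udb-example-settings', // assumed menu slug
        'udb_example_render_settings_page'
    );
}
add_action( 'admin_menu', 'udb_example_register_menu' );

function udb_example_render_settings_page() {
    // add_options_page() already requires manage_options to reach this
    // callback; the explicit check is defence in depth in case the page is
    // re-registered elsewhere with a weaker capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You do not have permission to view this page.' ), '', array( 'response' => 403 ) );
    }
    // The nonce is rendered into the page so the admin UI can attach it to
    // its AJAX request as the 'nonce' parameter checked above.
    $nonce = wp_create_nonce( 'udb_example_settings_nonce' );
    printf(
        '<div class="wrap"><h1>Example Settings</h1><p data-nonce="%s">Settings are loaded via AJAX.</p></div>',
        esc_attr( $nonce )
    );
}
```

To reproduce the class of bug against a test site, log in as a Subscriber, then POST `action=udb_example_get_settings` to `/wp-admin/admin-ajax.php` with the session cookie: the vulnerable handler returns the option contents, while the hardened handler answers with HTTP 403 before the nonce is even evaluated. The ordering matters: the capability check comes first so that an unprivileged caller learns nothing about the nonce, and the nonce check then blocks cross-site requests made on behalf of a privileged user.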
Impact
Successful exploitation exposes sensitive plugin configuration data to an unauthorized actor. The attacker can read information meant to be restricted, such as plugin settings, which may include paths, keys or other operational details. The impact is confined to confidentiality (information disclosure) and is rated low; the vulnerability does not by itself yield code execution or privilege escalation, although any credentials or keys found in the exposed settings could be reused elsewhere.
Mitigation
The vulnerability is fixed in version 3.7.11 and later. Site operators should update Ultimate Dashboard to the latest available version (currently 3.8.16, as per the WordPress plugin repository [1]). No workaround is published for sites that cannot update immediately; because exploitation requires an authenticated account (see Exploitation), disabling open user registration and auditing low-privilege accounts reduces the pool of potential attackers but does not remove the missing check. The plugin remains actively maintained and supported.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Ultimate Dashboard plugin for WordPress, range: <=3.7.10 (fixed in 3.7.11)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.