VYPR
High severity7.3NVD Advisory· Published Jan 11, 2024· Updated Apr 8, 2026

CVE-2023-6751

CVE-2023-6751

Description

The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publish_website in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.