CVE-2023-0812

7.5 HIGH

📋 TL;DR

This vulnerability in the Active Directory Integration / LDAP Integration WordPress plugin allows unauthenticated attackers to access sensitive data through POST requests without proper authorization checks. WordPress sites using vulnerable versions of this plugin are affected. The issue stems from missing nonce validation and authorization controls.

💻 Affected Systems

Products:
  • Active Directory Integration / LDAP Integration WordPress Plugin
Versions: All versions before 4.1.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations with the vulnerable plugin enabled and configured.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Unauthenticated attackers could extract sensitive LDAP/Active Directory data including user information, group memberships, or configuration details stored by the plugin.

🟠

Likely Case

Attackers could enumerate user accounts, extract organizational structure information, or obtain configuration data that could facilitate further attacks.

🟢

If Mitigated

With proper network segmentation and access controls, impact would be limited to data accessible through the plugin's integration.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

WPScan references indicate public disclosure and likely exploitation attempts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.1.1

Vendor Advisory: https://wpscan.com/vulnerability/0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins.
3. Find 'Active Directory Integration / LDAP Integration'.
4. Click 'Update Now' or manually update to version 4.1.1 or later.

🔧 Temporary Workarounds

Disable Plugin (platform: all)

Temporarily disable the vulnerable plugin until patching is possible

wp plugin deactivate active-directory-integration-ldap-integration

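Restrict POST Access (platform: linux)

Use a web application firewall or .htaccess to restrict POST requests to plugin endpoints

# Add to .htaccess:
# Scope: applies to the directory holding this .htaccess and everything below it.
# In the site root it denies every PHP file, including index.php and wp-login.php;
# in the plugin's own directory it denies only direct requests to the plugin's PHP files.
# The rule denies all methods, not only POST, and does not cover requests that
# reach the plugin through /wp-admin/admin-ajax.php.
<FilesMatch "\.php$">
    # Apache 2.4 and later
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2
    <IfModule !mod_authz_core.c>
        Order deny,allow
        Deny from all
    </IfModule>
</FilesMatch>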

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the WordPress instance
  • Deploy a web application firewall with rules to block suspicious POST requests to plugin endpoints

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Active Directory Integration / LDAP Integration version number

Check Version:

wp plugin get active-directory-integration-ldap-integration --field=version

Verify Fix Applied:

Confirm plugin version is 4.1.1 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to /wp-admin/admin-ajax.php with plugin-specific actions
  • Multiple failed authentication attempts following data extraction

Network Indicators:

  • Unusual outbound traffic patterns after POST requests to WordPress
  • Data exfiltration patterns from WordPress server

SIEM Query:

source="wordpress.log" AND "admin-ajax.php" AND ("action=adi_" OR "action=ldap_") AND status=200
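
The log indicator and query above, applied to combined-format web server access log lines. This is an added example, not code from the original page or the plugin vendor. It also separates requests whose action is visible in the URL from those that carried it in the POST body. The log lines, IP addresses and action names (`adi_example`, `ldap_example`) are constructed; the `adi_` and `ldap_` prefixes are taken from the query above.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Prefixes copied from the page's SIEM query; confirm them against the AJAX
# hooks the installed plugin registers before relying on them.
ACTION_PREFIXES = ("adi_", "ldap_")


def classify(line):
    """Return (ip, verdict) for a 200 POST to admin-ajax.php, else None."""
    m = LINE_RE.match(line)
    if not m or m["method"] != "POST" or m["status"] != "200":
        return None
    url = urlsplit(m["target"])
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return None
    actions = parse_qs(url.query).get("action", [])
    if any(a.startswith(ACTION_PREFIXES) for a in actions):
        return m["ip"], "match"  # watched action visible in the URL
    # No action in the URL: it travelled in the POST body, which access logs omit.
    return None if actions else (m["ip"], "opaque")


def summarize(lines):
    """Count hits per (client IP, verdict) pair."""
    return Counter(r for r in map(classify, lines) if r)


# Constructed sample: documentation-range IPs, hypothetical action names.
_REQ = '{ip} - - [10/Mar/2023:10:00:01 +0000] "{m} {t} HTTP/1.1" {s} 512 "-" "-"'
_AJAX = "/wp-admin/admin-ajax.php"
SAMPLE = [
    _REQ.format(ip="203.0.113.7", m="POST", t=_AJAX + "?action=adi_example", s=200),
    _REQ.format(ip="203.0.113.7", m="POST", t=_AJAX + "?action=ldap_example", s=200),
    _REQ.format(ip="198.51.100.4", m="POST", t=_AJAX, s=200),
    _REQ.format(ip="198.51.100.9", m="POST", t=_AJAX + "?action=heartbeat", s=200),
    _REQ.format(ip="203.0.113.7", m="GET", t=_AJAX + "?action=adi_example", s=200),
    _REQ.format(ip="203.0.113.7", m="POST", t=_AJAX + "?action=adi_example", s=403),
]

if __name__ == "__main__":
    for (ip, verdict), n in sorted(summarize(SAMPLE).items()):
        print(f"{ip}\t{verdict}\t{n}")
```

An "opaque" hit is not evidence of this issue on its own, since WordPress core and other plugins also POST to admin-ajax.php; it marks traffic the access log cannot classify without WAF or application-level logging of the request body.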
