CVE-2023-46628

4.3 MEDIUM

📋 TL;DR

This CVE describes a Missing Authorization vulnerability in the WP Word Count WordPress plugin that allows attackers to exploit incorrectly configured access controls. It affects all versions up to 3.2.4, potentially allowing unauthorized users to access functionality intended only for administrators. WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • RedLettuce Plugins WP Word Count
Versions: All versions up to and including 3.2.4
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects WordPress installations with the WP Word Count plugin installed and activated.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify word count statistics, manipulate plugin settings, or potentially chain with other vulnerabilities to gain administrative access to the WordPress site.

🟠 Likely Case

Unauthorized users can access administrative functions of the WP Word Count plugin, potentially altering word count data or plugin configuration.

🟢 If Mitigated

With proper access controls and authentication checks, only authorized administrators can access plugin functionality.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires some level of access to the WordPress site, but not necessarily administrative privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 3.2.4

Vendor Advisory: https://patchstack.com/database/wordpress/plugin/wp-word-count/vulnerability/wordpress-wp-word-count-plugin-3-2-4-broken-access-control-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel
2. Navigate to Plugins > Installed Plugins
3. Find the WP Word Count plugin
4. Click 'Update Now' if an update is available
5. If no update is available, deactivate and remove the plugin

🔧 Temporary Workarounds

Disable WP Word Count Plugin (platform: all)

Temporarily disable the vulnerable plugin until a patched version is available:

wp plugin deactivate wp-word-count

Restrict Plugin Access via .htaccess (platform: linux)

Add access restrictions to the plugin directory. Note that this only blocks direct HTTP requests for files under the plugin directory (for example its scripts and stylesheets); requests that WordPress routes to the plugin's PHP handlers through admin pages or admin-ajax.php are not affected, so this does not replace updating or deactivating the plugin.

# Add to .htaccess in wp-content/plugins/wp-word-count/
# Apache 2.2 syntax (also accepted by Apache 2.4 when mod_access_compat is loaded)
Order Deny,Allow
Deny from all
# Apache 2.4 native equivalent:
# Require all denied

🧯 If You Can't Patch

  • Remove WP Word Count plugin completely and use alternative word count solutions
  • Implement strict access controls and monitor for unauthorized access attempts to plugin functionality

🔍 How to Verify

Check if Vulnerable:

Check the WordPress admin panel > Plugins > Installed Plugins for a WP Word Count version of 3.2.4 or earlier

Check Version:

wp plugin get wp-word-count --field=version

Verify Fix Applied:

Verify that the WP Word Count plugin version is higher than 3.2.4 or that the plugin has been removed

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to wp-word-count plugin endpoints
  • Unusual activity in WordPress admin logs from non-admin users

Network Indicators:

  • HTTP requests to /wp-content/plugins/wp-word-count/ from unauthorized IPs

SIEM Query:

source="wordpress" AND (uri_path="/wp-content/plugins/wp-word-count/" OR plugin="wp-word-count") AND user_role!="administrator"
