CVE-2023-5974

9.8 CRITICAL

📋 TL;DR

The WPB Show Core WordPress plugin through version 2.2 contains a server-side request forgery (SSRF) vulnerability in the 'path' parameter. This allows attackers to make unauthorized requests from the vulnerable server to internal or external systems. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • WPB Show Core WordPress Plugin
Versions: Through 2.2
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires plugin to be installed and activated. No special configuration needed for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, exfiltrate sensitive data, perform port scanning of internal networks, or chain with other vulnerabilities to achieve remote code execution.

🟠 Likely Case

Attackers scanning for internal services, accessing metadata services (like AWS IMDS), or making requests to internal APIs to gather information.

🟢 If Mitigated

Limited impact with proper network segmentation, outbound firewall rules, and input validation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities are commonly exploited and weaponized due to their potential for internal network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 2.3 or later

Vendor Advisory: https://wpscan.com/vulnerability/c0136057-f420-4fe7-a147-ecbec7e7a9b5

Restart Required: No

Instructions:

1. Update the WPB Show Core plugin to version 2.3 or later via the WordPress admin panel.
2. Verify the update completed successfully.
3. Test plugin functionality after the update.

🔧 Temporary Workarounds

Disable vulnerable plugin (applies to: all)

Temporarily deactivate the WPB Show Core plugin until patched:

wp plugin deactivate wpb-show-core

Web Application Firewall rule (applies to: all)

Block requests containing SSRF patterns in the path parameter

🧯 If You Can't Patch

  • Implement strict outbound firewall rules to limit server-initiated connections
  • Deploy network segmentation to isolate WordPress server from sensitive internal systems

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > WPB Show Core version. If the version is 2.2 or lower, you are vulnerable.

Check Version:

wp plugin get wpb-show-core --field=version

Verify Fix Applied:

After updating, verify plugin version shows 2.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from WordPress server
  • Requests to internal IP addresses or metadata services
  • Multiple failed connection attempts to various ports

Network Indicators:

  • WordPress server making unexpected outbound HTTP/HTTPS requests
  • Requests to internal network ranges from web server

SIEM Query:

source="wordpress.log" AND ("wpb-show-core" OR "path parameter") AND (http_request OR outbound_connection)
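The log indicators above, turned into a small detection script. This is an added example, not part of the advisory; it assumes a constructed key=value egress-log format with IP-address destinations, a web server at the made-up address 10.0.1.5, and treats three or more distinct ports to one destination as scanning.

```python
# Added illustration of the advisory's log indicators; not part of the advisory.
import ipaddress
import re
from typing import Optional

# Constructed sample egress-log lines (hypothetical key=value format); all addresses are made up.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z src=10.0.1.5 dst=203.0.113.10 dport=443 action=allow
2024-01-01T10:00:02Z src=10.0.1.5 dst=169.254.169.254 dport=80 action=allow
2024-01-01T10:00:03Z src=10.0.1.5 dst=10.0.2.20 dport=22 action=deny
2024-01-01T10:00:03Z src=10.0.1.5 dst=10.0.2.20 dport=3306 action=deny
2024-01-01T10:00:04Z src=10.0.1.5 dst=10.0.2.20 dport=8080 action=deny
2024-01-01T10:00:05Z src=10.0.1.5 dst=198.51.100.7 dport=443 action=allow
"""
LINE_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")
WORDPRESS_HOST = "10.0.1.5"  # constructed: the web server whose egress we watch
METADATA_IP = ipaddress.ip_address("169.254.169.254")  # cloud instance metadata endpoint
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
PORT_SCAN_THRESHOLD = 3  # distinct ports to one destination before we call it scanning

def classify(dst: str) -> Optional[str]:
    """Label a destination address, or return None when it is not an indicator."""
    ip = ipaddress.ip_address(dst)
    if ip == METADATA_IP:
        return "metadata-service"
    if any(ip in net for net in INTERNAL_NETS):
        return "internal-address"
    return None

def analyse(log_text: str, web_server: str = WORDPRESS_HOST) -> dict:
    """Collect the advisory's three log indicators for one source host."""
    findings = {"metadata-service": [], "internal-address": [], "port-scan": []}
    ports_by_dst = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["src"] != web_server:
            continue
        label = classify(m["dst"])
        if label:
            findings[label].append((m["dst"], int(m["dport"])))
        ports_by_dst.setdefault(m["dst"], set()).add(int(m["dport"]))
    for dst, ports in ports_by_dst.items():
        if len(ports) >= PORT_SCAN_THRESHOLD:
            findings["port-scan"].append((dst, sorted(ports)))
    return findings

if __name__ == "__main__":
    for label, hits in analyse(SAMPLE_LOG).items():
        print(f"{label}: {hits}")
```

Lines from any other source host are ignored, so point `web_server` at each WordPress host you monitor; the internal-range list covers only RFC 1918, loopback and link-local space and should be extended with your own ranges.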
