CVE-2023-6845

8.8 HIGH

📋 TL;DR

The CommentTweets WordPress plugin through version 0.6 lacks CSRF protection on certain endpoints, allowing attackers to trick logged-in administrators into performing unauthorized actions. This affects all WordPress sites using vulnerable versions of the CommentTweets plugin.

💻 Affected Systems

Products:
  • CommentTweets WordPress plugin
Versions: All versions through 0.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with CommentTweets plugin enabled and at least one logged-in user with appropriate privileges.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could compromise administrator accounts to modify site content, install malicious plugins/themes, or gain full administrative control of the WordPress installation.

🟠 Likely Case

Attackers could force administrators to change settings, delete content, or create new administrator accounts, leading to site defacement or data loss.

🟢 If Mitigated

With proper CSRF tokens and user awareness, the attack would fail, because requests without a valid token would be rejected.
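The token check described above, as an added illustration in WordPress PHP: this is not the CommentTweets plugin's own code; the handler names, the AJAX action `commenttweets_save`, the option name, the settings-page hook and the nonce action string are all assumed.

```php
<?php
// Added illustration (not the plugin's code): a hypothetical admin-ajax
// settings handler, first without and then with WordPress nonce checking.

// Vulnerable pattern: any request carrying the logged-in admin's cookies is
// accepted, so a form auto-submitted from another site is treated as the admin.
function ct_save_settings_unprotected() {
    $handle = sanitize_text_field( wp_unslash( $_POST['twitter_handle'] ?? '' ) );
    update_option( 'commenttweets_handle', $handle );
    wp_send_json_success();
}

// Hardened pattern: require a nonce bound to this action and this user's
// session, then check capability, before touching any option.
function ct_save_settings_protected() {
    // check_ajax_referer() responds 403 and stops when the nonce in the
    // `_ajax_nonce` field is missing, expired or issued for another action,
    // so a cross-site request never reaches update_option().
    check_ajax_referer( 'commenttweets_save', '_ajax_nonce' );

    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    $handle = sanitize_text_field( wp_unslash( $_POST['twitter_handle'] ?? '' ) );
    update_option( 'commenttweets_handle', $handle );
    wp_send_json_success();
}
add_action( 'wp_ajax_commenttweets_save', 'ct_save_settings_protected' );

// The settings page must issue the nonce the handler expects. The plugin's own
// admin script sends it back as `_ajax_nonce`; a third-party page cannot read
// it (same-origin policy), so its forged request fails the check above.
function ct_enqueue_settings_script( $hook ) {
    if ( 'settings_page_commenttweets' !== $hook ) { // assumed page hook
        return;
    }
    wp_enqueue_script( 'commenttweets-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), null, true );
    wp_localize_script( 'commenttweets-admin', 'ctAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'commenttweets_save' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'ct_enqueue_settings_script' );
```

The nonce only stops forged requests; the `current_user_can()` check is still needed so that a logged-in low-privilege user cannot call the handler directly.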

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick logged-in users into clicking malicious links. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.7 or later

Vendor Advisory: https://wordpress.org/plugins/commenttweets/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the CommentTweets plugin.
4. Click 'Update Now' if available, or manually update to version 0.7+.
5. Verify the plugin is active and functioning.

🔧 Temporary Workarounds

Disable CommentTweets Plugin (applies to: all)

Temporarily disable the vulnerable plugin until patched:

wp plugin deactivate commenttweets

Implement CSRF Protection via Security Plugin (applies to: all)

Use security plugins like Wordfence or Sucuri to add additional CSRF protection.

🧯 If You Can't Patch

  • Implement strict access controls and limit the lifetime of administrative sessions
  • Educate users about phishing risks and implement clickjacking protection headers

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for CommentTweets version. If version is 0.6 or lower, you are vulnerable.

Check Version:

wp plugin get commenttweets --field=version

Verify Fix Applied:

After updating, verify CommentTweets plugin shows version 0.7 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Multiple POST requests to CommentTweets endpoints without a wp-admin Referer header
  • Unexpected administrative actions performed by user accounts

Network Indicators:

  • HTTP requests to /wp-admin/admin-ajax.php with commenttweets action parameters from unexpected sources

SIEM Query:

source="wordpress.log" AND ("commenttweets" OR "admin-ajax.php") AND status=200 AND method=POST AND NOT referer="*wp-admin*"
