CVE-2023-7231

7.3 HIGH

📋 TL;DR

The illi Link Party! WordPress plugin, through version 1.0, performs no authorisation check before deleting a link, so an unauthenticated visitor can delete any link the plugin manages. Every WordPress site running an affected version is exposed, and no fixed release is listed in the vendor advisory. The impact is destructive rather than disclosing: an attacker removes the links the plugin stores, and the site loses that content and the functionality built on it.

💻 Affected Systems

Products:
  • illi Link Party! WordPress plugin
Versions: 1.0 and earlier (no fixed release listed in the advisory)
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw sits in the plugin's own deletion code path, so it is present on every WordPress installation with an affected plugin version, regardless of WordPress core version or site configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Every link the plugin stores is deleted in one pass, wiping the list of links the site publishes through the plugin. Without a recent database backup that content may be unrecoverable, with business and SEO impact, and there is no patched release to move to.

🟠 Likely Case

Selective deletion of individual links the plugin manages, leaving missing or broken entries, user frustration and repeated clean-up work until the plugin is removed. Only the links handled by the plugin's deletion routine are at risk; the advisory gives no indication that WordPress navigation menus, pages or contact forms are affected.

🟢 If Mitigated

No impact once the deletion routine enforces authorisation (a capability check on the current user, together with a CSRF nonce so a logged-in user cannot be tricked into issuing the request on an attacker's behalf), or once the plugin is deactivated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW
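To make the "If Mitigated" condition concrete, the following is an added illustration, not code from the illi Link Party! plugin (whose source this page does not show), of how a WordPress link-deletion handler ends up exploitable and how a hardened one gates the same operation. The action names illi_delete_link_vuln and illi_delete_link, the capability choice manage_links, the table name illi_links and the link_id parameter are assumptions made for the example. The hardened form goes one step beyond the authorisation check the advisory calls for by also requiring a WordPress nonce, which is the standard way to stop a logged-in user being driven into the request by a third-party page.

```php
<?php
// Added example, not the plugin's own code. Hypothetical names throughout:
// actions 'illi_delete_link_vuln' / 'illi_delete_link', table
// {$wpdb->prefix}illi_links, request parameter 'link_id'.

/* --- Vulnerable shape (for contrast only, do not ship) ------------------
 * Registered for anonymous callers, no capability check, no nonce: anyone
 * who knows a link id can POST action=illi_delete_link_vuln&link_id=N to
 * /wp-admin/admin-ajax.php and the row is gone. This is the pattern behind
 * "no authorisation check when deleting links". */
add_action( 'wp_ajax_illi_delete_link_vuln',        'illi_vuln_delete_link' );
add_action( 'wp_ajax_nopriv_illi_delete_link_vuln', 'illi_vuln_delete_link' );
function illi_vuln_delete_link() {
    global $wpdb;
    $wpdb->delete( $wpdb->prefix . 'illi_links', array( 'id' => (int) $_POST['link_id'] ) );
    wp_send_json_success();
}

/* --- Hardened form: authenticated, authorised, CSRF-protected, validated --- */
// Only the privileged hook is registered. With no wp_ajax_nopriv_ handler,
// admin-ajax.php answers anonymous callers with "0" and HTTP 400 before any
// plugin code runs.
add_action( 'wp_ajax_illi_delete_link', 'illi_safe_delete_link' );
function illi_safe_delete_link() {
    // Authorisation: the caller must hold a capability that implies managing
    // this content. 'manage_links' is WordPress' built-in Links-manager
    // capability (assumed appropriate here); Administrators and Editors hold it.
    if ( ! current_user_can( 'manage_links' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    // CSRF: the request must carry a nonce minted for exactly this action,
    // sent as _ajax_nonce or _wpnonce. On failure this dies with HTTP 403.
    check_ajax_referer( 'illi_delete_link' );

    // Input validation: a positive integer id and nothing else.
    $link_id = isset( $_POST['link_id'] ) ? absint( $_POST['link_id'] ) : 0;
    if ( 0 === $link_id ) {
        wp_send_json_error( array( 'message' => 'Invalid link id' ), 400 );
    }

    global $wpdb;
    // Parameterised delete: $wpdb->delete() formats 'id' with %d, so the
    // value never reaches SQL as a string.
    $rows = $wpdb->delete(
        $wpdb->prefix . 'illi_links',
        array( 'id' => $link_id ),
        array( '%d' )
    );
    if ( false === $rows ) {
        wp_send_json_error( array( 'message' => 'Database error' ), 500 );
    }
    wp_send_json_success( array( 'deleted' => (int) $rows ) );
}

// The admin page must hand the nonce to its JavaScript so the POST can carry
// it; without this, the hardened handler rejects every request, including
// legitimate ones.
add_action( 'admin_enqueue_scripts', 'illi_safe_enqueue' );
function illi_safe_enqueue() {
    wp_enqueue_script( 'illi-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'illi-admin', 'illiAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'illi_delete_link' ),
    ) );
}
```

Two failure modes are worth testing against the hardened form: an anonymous POST to action=illi_delete_link is refused by admin-ajax.php itself because no nopriv hook exists, and a logged-in Subscriber is refused by current_user_can() before the nonce or the database is ever consulted. The order of the checks matters little for security, but putting the cheap capability check first keeps unprivileged callers away from nonce handling entirely.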

🎯 Exploit Status

Public PoC: No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation needs no account and no user interaction: the deletion routine performs no authorisation check, so a single crafted request to the plugin's delete handler, naming the link to remove, is enough. The advisory does not publish the request, but the plugin source is open, so the handler and its parameters are readable by anyone.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://wpscan.com/vulnerability/797692ce-f355-4d4a-af01-4bd9abc60a34/

Restart Required: No

Instructions:

1. Deactivate the illi Link Party! plugin immediately.
2. Remove the plugin from the WordPress installation so that its code cannot be reached at all.
3. Monitor for an official patched release from the plugin developer before considering reinstallation.

🔧 Temporary Workarounds

Disable plugin via wp-cli

linux

Deactivate the vulnerable plugin from the WordPress command-line interface. The slug is the plugin's directory name under wp-content/plugins (illi-link-party, as referenced in this advisory); confirm it with wp plugin list first.

wp plugin deactivate illi-link-party

Web application firewall rule

all

Block requests that reach the plugin's link-deletion handler from clients that carry no WordPress login cookie (wordpress_logged_in_*). The advisory does not name the handler or its parameters; take them from the plugin source. WordPress plugin actions are often served through /wp-admin/admin-ajax.php or a front-end form post rather than a file under /wp-content/plugins/, so a rule keyed only on the plugin directory may miss the real path. Test the rule against whatever the plugin legitimately exposes to visitors before relying on it.

🧯 If You Can't Patch

  • Deactivate the illi Link Party! plugin immediately; this is the only complete mitigation while no fixed version exists
  • Where the plugin must stay active, front it with a web application firewall rule that rejects requests to its deletion handler from clients without a WordPress login cookie, and keep a current database backup so that deleted links can be restored

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for 'illi Link Party!' version 1.0 or earlier

Check Version:

wp plugin get illi-link-party --field=version

(wp plugin list --name=illi-link-party --fields=name,status,version shows the activation status as well; wp-cli filters on the plugin slug, not on the display name 'illi Link Party!')

Verify Fix Applied:

Verify the plugin is either deactivated or removed from the plugins directory

📡 Detection & Monitoring

Log Indicators:

  • POST requests reaching the plugin's link-deletion handler from clients that carry no wordpress_logged_in_* cookie (WordPress authenticates with cookies, not Authorization headers, so the absence of the login cookie is the signal)
  • Links disappearing from the plugin's list with no matching delete action by a logged-in user in the site's activity log, where one is kept
  • Bursts of such requests from a single source, each naming a different link identifier

Network Indicators:

  • Anonymous HTTP POSTs to /wp-content/plugins/illi-link-party/, or to /wp-admin/admin-ajax.php with the plugin's delete action if that is how the handler is wired; the request path and parameter names must be taken from the plugin source, since the advisory does not list them

SIEM Query:

source="web_server" uri="*/wp-content/plugins/illi-link-party/*" method="POST" NOT cookie="*wordpress_logged_in_*"

Field names above follow a Splunk-style schema and vary by deployment. The query only works if the web server logs the Cookie header, which the default combined log format does not include; add it to the log format (for nginx, $http_cookie in log_format) or fall back to correlating source IPs against successful wp-login.php requests.
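The same logic as the SIEM query, applied to raw access logs, as an added example that is not part of the advisory, of WPScan's write-up or of the plugin. It assumes the web server appends the Cookie header as a final quoted field to the combined log format (nginx: log_format with "$http_cookie" added), and that the handler lives under the plugin directory named in this advisory; the file name handler.php in the sample lines is hypothetical, and the sample lines themselves are constructed, not captured traffic. If the site's handler is an admin-ajax.php action instead, change PLUGIN_PATH and match on the action parameter.

```php
<?php
// Added example detector; not from the advisory, WPScan or the plugin.
// Assumptions: (1) the web server logs the Cookie header as a final quoted
// field after the user agent; (2) the deletion handler is reached under the
// plugin directory. The handler file name used in the samples is hypothetical.

const PLUGIN_PATH  = '/wp-content/plugins/illi-link-party/';
const LOGIN_COOKIE = 'wordpress_logged_in_';

// combined + cookie:
// ip ident user [time] "method uri proto" status bytes "referer" "ua" "cookie"
const LOG_RE = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)" "([^"]*)"$/';

function parse_line(string $line): ?array
{
    if (!preg_match(LOG_RE, $line, $m)) {
        return null; // different format or truncated line: skip, never crash
    }
    return [
        'ip'     => $m[1],
        'time'   => $m[2],
        'method' => $m[3],
        'uri'    => $m[4],
        'status' => (int) $m[5],
        'ua'     => $m[6],
        'cookie' => $m[7],
    ];
}

// A state-changing request to the plugin from a client that WordPress would
// treat as anonymous. Method and path are tested first so the cookie check
// only runs on candidate lines.
function is_suspicious(array $req): bool
{
    return $req['method'] === 'POST'
        && strncmp($req['uri'], PLUGIN_PATH, strlen(PLUGIN_PATH)) === 0
        && strpos($req['cookie'], LOGIN_COOKIE) === false;
}

function detect(iterable $lines): array
{
    $hits = [];
    foreach ($lines as $line) {
        $req = parse_line(rtrim((string) $line, "\r\n"));
        if ($req !== null && is_suspicious($req)) {
            $hits[] = $req;
        }
    }
    return $hits;
}

// Constructed sample traffic, not real logs.
$sample = [
    // an editor deleting a link from wp-admin, carrying a login cookie
    '198.51.100.7 - - [12/Jan/2024:10:15:32 +0000] "POST /wp-content/plugins/illi-link-party/handler.php HTTP/1.1" 200 47 "https://example.com/wp-admin/" "Mozilla/5.0" "wordpress_logged_in_9f1=editor%7C1705100000%7Cabc; wp-settings-2=x"',
    // an anonymous client hitting the same handler from a script, no cookies
    '203.0.113.5 - - [12/Jan/2024:10:16:01 +0000] "POST /wp-content/plugins/illi-link-party/handler.php HTTP/1.1" 200 47 "-" "curl/8.4.0" "-"',
    // an anonymous GET of a plugin asset: read-only, not interesting
    '203.0.113.5 - - [12/Jan/2024:10:16:02 +0000] "GET /wp-content/plugins/illi-link-party/style.css HTTP/1.1" 200 812 "-" "curl/8.4.0" "-"',
    // an anonymous POST elsewhere on the site: not this plugin
    '203.0.113.9 - - [12/Jan/2024:10:17:44 +0000] "POST /wp-comments-post.php HTTP/1.1" 302 0 "https://example.com/" "Mozilla/5.0" "comment_author_x=y"',
];

// Usage: php detect.php /var/log/nginx/access.log   (no argument: run on $sample)
$source = $argc > 1 ? new SplFileObject($argv[1]) : $sample;
foreach (detect($source) as $hit) {
    printf("%s %s %s %s status=%d ua=%s\n",
        $hit['time'], $hit['ip'], $hit['method'], $hit['uri'], $hit['status'], $hit['ua']);
}
```

Of the four constructed lines only the anonymous POST to the plugin path is reported: the editor's request carries a wordpress_logged_in_ cookie, the GET changes nothing, and the comment post is outside the plugin. The detector cannot see whether the plugin's handler was actually invoked or whether a link was actually deleted; a hit is a lead to confirm against the plugin's link table and, where the handler allows it, a sign that the WAF rule above should be tightened.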
