.. / CVE-2023-6623

Exploit for Essential Blocks < 4.4.3 - Local File Inclusion (CVE-2023-6623)

Description:

Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site.

Nuclei Template

View the template here CVE-2023-6623.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-6623.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-6623
https://flysec-blog.blogspot.com/2024/01/cve-2023-6623-file-inclusion.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6623
https://wpscan.com/blog/file-inclusion-vulnerability-fixed-in-essential-blocks-4-4-3/