CVE-2023-3325

HIGH 8.1

CMS Commander <= 2.287 - Authorization Bypass through Use of Insufficiently Unique Cryptographic Signature

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the '_cmsc_public_key' in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.

CWE	CWE-345
Vendor	thoefter
Product	cms commander – manage multiple sites
Published	Jun 20, 2023
Last Updated	Apr 8, 2026

Stay Ahead of the Next One

Get instant alerts for thoefter cms commander – manage multiple sites

Be the first to know when new high vulnerabilities affecting thoefter cms commander – manage multiple sites are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

thoefter / CMS Commander – Manage Multiple Sites

0 ≤ 2.287

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wordfence.com: https://www.wordfence.com/threat-intel/vulnerabilities/id/ca37d453-9f9a-46b2-a17f-65a16e3e2ed1?source=cve plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/browser/cms-commander-client/tags/2.287/init.php#L88 plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/changeset/2927811/cms-commander-client

Credits

István Márton