CVE-2023-47874

WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Broken Access Control

Missing Authorization vulnerability in Perfmatters.This issue affects Perfmatters: from n/a through 2.1.6.

We have discovered 1,361 live websites that are affected by CVE-2023-47874.

Affected Software


Product	Perfmatters
Category	Wordpress Plugins
Vulnerable Versions	from 0 through 2.1.6
Total Vulnerable Versions	86
Vulnerable Domains	1,361 live websites (20.90% of Perfmatters install base)

Common Weakness Enumeration

CWE-862 Missing Authorization

Available Reports

Website List

Details

Published - Feb 29, 2024
Updated - Feb 29, 2024

Credits

Dave Jong (Patchstack) (finder)

CWE

CWE-862

CVE References

CWE References

cwe.mitre.org

Countries

United States	657 websites

GB	80 websites
Germany	58 websites
France	55 websites
Netherlands	46 websites
Spain	45 websites
Australia	34 websites
Canada	34 websites
Brazil	30 websites
Italy	23 websites

TLDs

.com	757 websites
.org	62 websites
.co.uk	47 websites
.net	38 websites
.nl	32 websites
.de	28 websites
.com.au	24 websites
.com.br	24 websites
.es	20 websites
.fr	19 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

References

https://patchstack.com/database/vulnerability/perfmatters/wordpress-perfmatters-plugin-2-1-6-broken-access-control-vulnerability?_s_id=cve

Websites affected by CVE-2023-47874

Top websites that are affected by CVE-2023-47874. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
**********.com	Ireland	,*
***********.com	United States	,*
*.***********.com	United States	,*
*.*****.com	United States	,*
*.*******.com	United States	,*
*.*******.com	United States	,*
*.**********.com	United States	,*
************.loan	United States	,*
*.*****.com	United States	,*
******************.com	United States	,*

See full domain list