High vulnerability

CVE-2023-3025: The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Reque

Tracked since May 6, 2026
cve CVE-2023-3025 cvss-7

CVSS Breakdown

CVSS Base Score
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A

Exploit Probability (EPSS)

NaN%
NaN% probability of exploitation in 30 days
This vulnerability has a relatively low exploitation probability, but should still be patched according to your standard timelines.
Low

Insurance Impact Assessment

🛡️
Significant Impact

High-severity vulnerabilities may affect cyber insurance pricing and coverage terms. Demonstrating patch management reduces underwriting friction.

CVE CVE-2023-3025 with CVSS 7.2. The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to qu

Assess your exposure

Is your organization vulnerable? Run a free domain exposure scan to check.

Scan Your Domain → Broker Scorecard

Related Threats

CVE-2023-34992: A improper neutralization of special elements used in an os command ('os command
CVSS critical
CVE-2023-34976: A SQL injection vulnerability has been reported to affect Video Station. If expl
CVSS critical
CVE-2023-25960: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVSS critical
CVE-2023-4994: The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Co
CVSS critical
CVE-2023-5201: The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in vers
CVSS critical
← Back to Threat Feed