CVE-2023-5713 is a medium-severity vulnerability affecting the System Dashboard plugin for WordPress, developed by qriouslad. The vulnerability arises from a missing authorization check (CWE-862) in the sd_option_value() function, which is exposed via an AJAX action. This flaw allows any authenticated user with subscriber-level privileges or higher to invoke this AJAX endpoint and retrieve potentially sensitive option values stored by the plugin. These option values may contain serialized data, which can be deserialized by the attacker to gain further insight into the system's configuration or sensitive information. The vulnerability affects all versions of the System Dashboard plugin up to and including version 2.8.7. Exploitation does not require user interaction beyond authentication, and the attack vector is network-based (remote). The CVSS v3.1 base score is 4.3, reflecting a low complexity attack with limited confidentiality impact and no impact on integrity or availability. No known exploits have been reported in the wild as of the publication date. The vulnerability primarily compromises confidentiality by exposing sensitive configuration data to low-privileged users, which could be leveraged for further attacks or information gathering within the WordPress environment.

For European organizations using WordPress sites with the System Dashboard plugin installed, this vulnerability poses a risk of unauthorized disclosure of sensitive configuration data. Although the immediate impact is limited to confidentiality and does not affect integrity or availability, the exposure of serialized option values could enable attackers to perform more targeted attacks, such as privilege escalation or lateral movement within the web application. Organizations in sectors with strict data protection regulations, such as finance, healthcare, and government, may face compliance risks if sensitive information is leaked. Additionally, the ease of exploitation by low-privileged users means that compromised or malicious subscriber accounts could be leveraged to extract sensitive data, increasing insider threat risks. The vulnerability could also undermine trust in web services and lead to reputational damage if exploited.

Specific mitigation steps include: 1) Immediate review and restriction of user roles and permissions to ensure that only trusted users have subscriber-level or higher access, minimizing the attack surface. 2) Implement a Web Application Firewall (WAF) with custom rules to monitor and block suspicious AJAX requests targeting the sd_option_value() function or related endpoints. 3) Since no official patch or update is currently available, consider temporarily disabling or removing the System Dashboard plugin until a fix is released. 4) Conduct an audit of all serialized option values stored by the plugin to identify and secure any sensitive data. 5) Monitor logs for unusual AJAX activity indicative of exploitation attempts. 6) Educate site administrators about the risks of granting subscriber-level access and enforce strong authentication mechanisms to reduce the risk of account compromise. 7) Upon release of a patch, promptly apply updates to remediate the vulnerability.