{"id":17189,"date":"2025-04-03T20:55:33","date_gmt":"2025-04-03T20:55:33","guid":{"rendered":""},"modified":"2025-05-22T17:28:16","modified_gmt":"2025-05-22T17:28:16","slug":"cve-2023-52200-cross-site-request-forgery-csrf-leading-to-php-object-injection-in-armember-wordpress-plugin","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-52200-cross-site-request-forgery-csrf-leading-to-php-object-injection-in-armember-wordpress-plugin\/","title":{"rendered":"CVE-2023-52200: Cross-Site Request Forgery (CSRF) Leading to PHP Object Injection in ARMember WordPress Plugin"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><strong>Vulnerability Summary<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE ID:<\/strong> CVE-2023-52200\u200b<\/li>\n\n\n\n<li><strong>Severity:<\/strong> Critical (CVSS 3.1 Score: 9.6)\u200b<a href=\"https:\/\/patchstack.com\/database\/vulnerability\/armember-membership\/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve&amp;utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Patchstack<\/a><\/li>\n\n\n\n<li><strong>Attack Vector:<\/strong> Network\u200b<\/li>\n\n\n\n<li><strong>Privileges Required:<\/strong> None\u200b<\/li>\n\n\n\n<li><strong>User Interaction:<\/strong> Required\u200b<\/li>\n\n\n\n<li><strong>Impact:<\/strong> <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-29048-remote-code-execution-via-oxmf-template-injection-in-open-xchange-app-suite\/\"  data-wpil-monitor-id=\"24556\">Remote Code Execution<\/a> (RCE)\u200b<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Affected Products<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The vulnerability affects the ARMember \u2013 Membership Plugin, Content Restriction, Member Levels, User Profile &amp; User Signup plugin for WordPress:\u200b<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-52200?utm_source=chatgpt.com\" 
target=\"_blank\" rel=\"noreferrer noopener\">NVD<\/a><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Product<\/th><th>Affected Versions<\/th><\/tr><\/thead><tbody><tr><td>ARMember Plugin<\/td><td>Versions up to and including 4.0.22 (<a href=\"https:\/\/patchstack.com\/database\/vulnerability\/armember-membership\/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve&amp;utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Patchstack<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-52200?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">NVD<\/a>)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>How the Exploit Works<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CVE-2023-52200 is a combined <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6532-cross-site-request-forgery-vulnerability-in-wp-blogs-planetarium-wordpress-plugin-vulnerability-summary\/\"  data-wpil-monitor-id=\"25030\">Cross-Site Request Forgery<\/a> (CSRF) and PHP Object Injection vulnerability. An attacker crafts a malicious request that, when an authenticated administrator is tricked into issuing it (for example by visiting an attacker-controlled page), causes the plugin to deserialize untrusted <a class=\"wpil_keyword_link\" href=\"https:\/\/chat.ameeba.com\"   title=\"data\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24352\">data<\/a>. Deserialization of attacker-controlled input can result in arbitrary code execution on the <a class=\"wpil_keyword_link\" href=\"https:\/\/www.ameeba.com\"   title=\"server\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24350\">server<\/a>. 
\u200b<a href=\"https:\/\/patchstack.com\/database\/vulnerability\/armember-membership\/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve&amp;utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Patchstack<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Potential Risks<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-22937-critical-remote-code-execution-vulnerability\/\"  data-wpil-monitor-id=\"24877\">Execution of arbitrary PHP code<\/a> on the server\u200b<\/li>\n\n\n\n<li><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-26733-unauthorized-access-vulnerability-in-shinetheme-traveler-software\/\"  data-wpil-monitor-id=\"34243\">Unauthorized access<\/a> to sensitive data\u200b<\/li>\n\n\n\n<li>Complete <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3914-potential-arbitrary-file-uploads-and-system-compromise-in-aeropage-sync-for-airtable-wordpress-plugin\/\"  data-wpil-monitor-id=\"40593\">compromise of the WordPress<\/a> site\u200b<\/li>\n\n\n\n<li>Potential lateral movement within the hosting environment\u200b<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Mitigation Recommendations<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a class=\"wpil_keyword_link\" href=\"https:\/\/ameeba.com\"   title=\"Update\" data-wpil-keyword-link=\"linked\"  
data-wpil-monitor-id=\"24351\">Update<\/a> the Plugin:<\/strong> Upgrade to ARMember version 4.0.23 or later, where this vulnerability has been addressed. \u200b<\/li>\n\n\n\n<li><strong>Implement CSRF Protections:<\/strong> Ensure that CSRF tokens are validated for all state-changing requests.\u200b<\/li>\n\n\n\n<li><strong>Restrict Administrator Actions:<\/strong> Limit the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-48257-remote-code-execution-and-data-exposure-vulnerability\/\"  data-wpil-monitor-id=\"47915\">exposure of administrative functions and educate administrators to avoid executing<\/a> unsolicited requests.\u200b<\/li>\n\n\n\n<li><strong>Regular Security Audits:<\/strong> Conduct periodic <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47890-exposing-the-critical-vulnerability-in-network-security-protocols\/\"  data-wpil-monitor-id=\"24988\">security assessments to detect and remediate vulnerabilities<\/a> in your WordPress environment.\u200b<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Conclusion<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CVE-2023-52200 is a critical <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6140-arbitrary-file-upload-vulnerability-in-essential-real-estate-wordpress-plugin\/\"  data-wpil-monitor-id=\"24580\">vulnerability in the ARMember WordPress plugin<\/a> that combines CSRF with PHP Object Injection, potentially allowing attackers to execute arbitrary code. 
Immediate action is recommended to update the plugin and implement additional security measures to protect your WordPress site.\u200b<a href=\"https:\/\/patchstack.com\/database\/vulnerability\/armember-membership\/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve&amp;utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Patchstack<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>References<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-52200\">NVD \u2013 CVE-2023-52200<\/a><\/li>\n\n\n\n<li><a class=\"\" href=\"https:\/\/patchstack.com\/database\/vulnerability\/armember-membership\/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve&amp;utm_source=chatgpt.com\">Patchstack Advisory<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Summary Affected Products The vulnerability affects the ARMember \u2013 Membership Plugin, Content Restriction, Member Levels, User Profile &amp; User Signup plugin for WordPress: NVD Product Affected Versions ARMember Plugin Versions up to and including 4.0.22 (Patchstack, NVD) How the Exploit Works CVE-2023-52200 is a combined Cross-Site Request Forgery (CSRF) and PHP Object Injection vulnerability. 
An attacker can [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[90,80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-17189","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-csrf","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/17189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=17189"}],"version-history":[{"count":15,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/17189\/revisions"}],"predecessor-version":[{"id":42695,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/17189\/revisions\/42695"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=17189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=17189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=17189"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=17189"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=17189"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=17189"},{"taxonomy":"ass
et_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=17189"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=17189"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=17189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}