Описание
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wordpress | fixed | 6.0.3+dfsg1-1 | package | |
| wordpress | fixed | 5.0.18+dfsg1-0+deb10u1 | buster | package |
Примечания
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
Fixed by: https://core.trac.wordpress.org/changeset/54531 (6.0)
Follow-up: https://core.trac.wordpress.org/changeset/54533 (6.0)
EPSS
Связанные уязвимости
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature.
EPSS