exploitDog

CVE-2023-3601

Опубликовано: 14 авг. 2023

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.

Ссылки

https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webfactoryltd:simple_author_box:*:*:*:*:*:wordpress:*:*

Версия до 2.52 (исключая)

EPSS

Процентиль: 35%

0.00143

Низкий

4.3 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-x9pq-rg5g-m83p

CVSS3: 4.3

github

больше 2 лет назад

The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.

EPSS

Процентиль: 35%

0.00143

Низкий

4.3 Medium

CVSS3

Дефекты