exploitDog

CVE-2023-39999

Опубликовано: 13 окт. 2023

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

Ссылки

https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EVFT4DPZRFTXJPEPADM22BZVIUD2P66/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCCVDPKOK57WCTH2QJ5DJM3B53RJNZKA/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQBL4ZQCBFNQ76XHM5257CIBFQRGT5QY/
Mailing List
Third Party Advisory
https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve
Exploit
Patch
Third Party Advisory
https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EVFT4DPZRFTXJPEPADM22BZVIUD2P66/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCCVDPKOK57WCTH2QJ5DJM3B53RJNZKA/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQBL4ZQCBFNQ76XHM5257CIBFQRGT5QY/
Mailing List
Third Party Advisory
https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve
Exploit
Patch
Third Party Advisory
https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.1 (включая) до 4.1.38 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.2 (включая) до 4.2.35 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.3 (включая) до 4.3.31 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.4 (включая) до 4.4.30 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.5 (включая) до 4.5.29 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.6 (включая) до 4.6.26 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.7 (включая) до 4.7.26 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.8 (включая) до 4.8.22 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 4.9 (включая) до 4.9.23 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.0 (включая) до 5.0.19 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.1 (включая) до 5.1.16 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.2 (включая) до 5.2.18 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.3 (включая) до 5.3.15 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.4 (включая) до 5.4.13 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.5.12 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.6 (включая) до 5.6.11 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.7 (включая) до 5.7.9 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.8 (включая) до 5.8.7 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 5.9 (включая) до 5.9.7 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 6.0 (включая) до 6.0.5 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 6.1 (включая) до 6.1.3 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.2.2 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия от 6.3 (включая) до 6.3.2 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.0107

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-200

NVD-CWE-noinfo

Связанные уязвимости

CVE-2023-39999

CVSS3: 4.3

ubuntu

больше 1 года назад

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

CVE-2023-39999

CVSS3: 4.3

debian

больше 1 года назад

Exposure of Sensitive Information to an Unauthorized Actor in WordPres ...

GHSA-4pqc-j77p-x3p2

CVSS3: 4.3

github

больше 1 года назад

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

EPSS

Процентиль: 77%

0.0107

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-200

NVD-CWE-noinfo