Описание
The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get_users() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including email addresses and hashed passwords of administrators.
EPSS
Процентиль: 12%
0.00039
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-359
Связанные уязвимости
CVSS3: 6.5
github
около 2 месяцев назад
The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get_users() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including email addresses and hashed passwords of administrators.
EPSS
Процентиль: 12%
0.00039
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-359