The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-08-14T19:10:21.138Z
Updated: 2024-01-16T15:54:01.512Z
Reserved: 2023-07-10T17:43:18.843Z
Link: CVE-2023-3601
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-14T20:15:11.827
Modified: 2023-11-07T04:19:07.190
Link: CVE-2023-3601
JSON object: View
Redhat Information
No data.
CWE
No CWE.