Lucene search

[email protected]NVD:CVE-2023-6203

HistoryDec 18, 2023 - 8:15 p.m.

CVE-2023-6203

2023-12-1820:15:08

[email protected]

web.nvd.nist.gov

wordpress

events calendar

disclosure

password protection

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.3%

JSON

The Events Calendar WordPress plugin before 6.2.8.1 discloses the content of password protected posts to unauthenticated users via a crafted request

Affected configurations

Nvd

Node

trithe_events_calendarRange<6.2.8.1wordpress

VendorProductVersionCPE
trithe_events_calendar*cpe:2.3:a:tri:the_events_calendar:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
tri	the_events_calendar	*	cpe:2.3:a:tri:the_events_calendar::::::wordpress::*

References

wpscan.com/vulnerability/229273e6-e849-447f-a95a-0730969ecdae

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.3%

JSON

Related for NVD:CVE-2023-6203

prion1 openvas1 cvelist1 wpvulndb1 cve1 wpexploit1