Design/Logic Flaw

2023-10-1312:15:00

PRIOn knowledge base

www.prio-n.com

wordpress

information exposure

security vulnerability

4.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

CPENameOperatorVersion
fedoraeq37
fedoraeq38
wordpressge6.2
wordpressle6.2.2
wordpressge6.1
wordpressle6.1.3
wordpressge6.0
wordpressle6.0.5
wordpressge5.9
wordpressle5.9.7

Name	Operator	Version
fedora	eq	37
fedora	eq	38
wordpress	ge	6.2
wordpress	le	6.2.2
wordpress	ge	6.1
wordpress	le	6.1.3
wordpress	ge	6.0
wordpress	le	6.0.5
wordpress	ge	5.9
wordpress	le	5.9.7

Rows per page:

1-10 of 481

References

lists.debian.org/debian-lts-announce/2023/11/msg00014.html

lists.fedoraproject.org/archives/list/[email protected]/message/2EVFT4DPZRFTXJPEPADM22BZVIUD2P66/

lists.fedoraproject.org/archives/list/[email protected]/message/GCCVDPKOK57WCTH2QJ5DJM3B53RJNZKA/

lists.fedoraproject.org/archives/list/[email protected]/message/WQBL4ZQCBFNQ76XHM5257CIBFQRGT5QY/

patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve

patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve