5.3
CVE-2023-6444
- EPSS 2.46%
- Veröffentlicht 11.03.2024 18:15:17
- Zuletzt bearbeitet 01.05.2025 00:09:05
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
Seriously Simple Podcasting < 3.0.0 - Unauthenticated Administrator Email Disclosure
Seriously Simple Podcasting <= 2.25.3 - Unauthenticated Email Disclosure
The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request.
Mögliche Gegenmaßnahme
Seriously Simple Podcasting: Update to version 3.0.0, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Castos ≫ Seriously Simple Podcasting SwPlatformwordpress Version < 3.0.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Seriously Simple Podcasting
Version
*-2.25.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.46% | 0.824 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c2b4aa/
https://www.wordfence.com/threat-intel/vulnerabilities/id/5268485f-d912-4c2d-a0ad-aabb69f9c98c