Showing 1 - 1 of 1

CVE-2023-5561

Status Candidate

Overview

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack

Related Files

Debian Security Advisory 5685-1: Posted May 9, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5685-1 - Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2023-2745, CVE-2023-38000, CVE-2023-39999, CVE-2023-5561, CVE-2024-31210; SHA-256 | ad8b64e2ba526ad865543abe9892e49e02b0997f620bdfe4b1a9169d4c45e33c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 252 files
Ubuntu 56 files
Gentoo 33 files
Debian 23 files
Apple 9 files
malvuln 7 files
Jann Horn 4 files
nu11secur1ty 4 files
Google Security Research 4 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,048)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,846)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,952)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,535)
UNIX (9,409)
UnixWare (187)
Windows (6,660)
Other

CVE-2023-5561

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems