7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Customer Reviews for WooCommerce 5.3.5 and earlier versions are vulnerable to an information disclosure vulnerability, which stems from the pluginβs insufficient protection of sensitive information and could be exploited by unauthorized attackers to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress customer reviews for woocommerce | le | 5.3.5 |