Lucene search

[email protected]CVE-2023-36523

HistoryNov 30, 2023 - 4:15 p.m.

CVE-2023-36523

2023-11-3016:15:08

CWE-200

[email protected]

web.nvd.nist.gov

cve-2023-36523

vulnerability

sensitive information

unauthorized actor

email download link

gopi ramasamy

nvd

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7.

Affected configurations

Vulners

NVD

Node

gopi_ramasamyemail_download_linkRange≤3.7

CPENameOperatorVersion
gopiplus:email_download_linkgopiplus email download linkle3.7

CPE	Name	Operator	Version
gopiplus:email_download_link	gopiplus email download link	le	3.7

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "email-download-link",
    "product": "Email download link",
    "vendor": "Gopi Ramasamy",
    "versions": [
      {
        "lessThanOrEqual": "3.7",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/email-download-link/wordpress-email-download-link-plugin-3-7-sensitive-data-exposure?_s_id=cve

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2023-36523

nvd1 cvelist1 prion1 wordfence1