5 matches found
WordPress DoLogin Security Plugin < 3.7.1 is vulnerable to Sensitive Data Exposure
Software DoLogin Security Type Plugin Vulnerable versions 3.7.1 Fixed in 3.7.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-4800 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3a18978f1a90 Credits Bartlomiej Marek and Tomasz...
CVE-2023-4800 DoLogin Security < 3.7.1 - Subscriber+ IP Address leak
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users...
CVE-2023-4800 DoLogin Security < 3.7.1 - Subscriber+ IP Address leak
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users...
CVE-2023-4800
Affected software: DoLogin Security WordPress plugin (before 3.7.1). Vulnerability: The widget displaying IPs of failed logins is accessible to low-privileged users, exposing potentially sensitive data. Impact (as stated): Sensitive data exposure (high confidentiality impact per the published CVS...
CVE-2023-4800
creationtimestamp| type| source ---|---|--- 2023-09-24 12:14:24+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5197 2023-10-17 00:32:23+00:00| seen| https://t.me/cibsecurity/72355...