2 matches found
CVE-2023-4917
The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.3 via the 'leykaajaxgetenvandoptions' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including Sberbank API...
PT-2023-31087 · WordPress · Leyka
Name of the Vulnerable Software and Affected Versions: Leyka plugin for WordPress versions up to, and including, 3.30.3 Description: The issue allows authenticated attackers with subscriber-level permissions or above to extract sensitive data, including Sberbank API key and password, PayPal Clien...