2 matches found
CVE-2023-3447
Summary (CVE-2023-3447): The WordPress plugin “Active Directory Integration / LDAP Integration” is vulnerable to LDAP Injection due to insufficient escaping of the supplied username in versions up to and including 4.1.5. This can allow unauthenticated attackers to extract potentially sensitive in...
WordPress Active Directory Integration / LDAP Integration Plugin <= 4.1.5 is vulnerable to Sensitive Data Exposure
Software Active Directory Integration / LDAP Integration Type Plugin Vulnerable versions = 4.1.5 Fixed in 4.1.6 OWASP Top 10 A1: Injection Classification Sensitive Data Exposure CVE CVE-2023-3447 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID f63ceb460cab Credits Luca...