2 matches found
CVE-2023-4505
CVE-2023-4505 / CVE-2023-4506 (LDAP Passback) affects WordPress plugins: Staff / Employee Business Directory for Active Directory (Staff/LDAP Directory) and Active Directory Integration / LDAP Integration. Root cause: insufficient validation when changing the LDAP server, permitting authenticated...
CVE-2023-4505 Staff / Employee Business Directory for Active Directory <= 1.2.3 - Authenticated (Admin+) LDAP Passback
The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...