Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:57 a.m.3 views

CVE-2023-4686

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajaxenabledposts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and...

4.3CVSS5.9AI score0.00524EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/22 3:33 p.m.15 views

CVE-2023-4686 WP Customer Reviews <= 3.6.6 - Authenticated (Subscriber+) Sensitive Information Exposure

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajaxenabledposts function. This can allow authenticated attackers to extract sensitive data such as post titles and slugs, including those of protected and...

4.3CVSS6.6AI score0.00524EPSS
Exploits0References3
CVE
CVE
added 2023/11/22 3:33 p.m.89 views

CVE-2023-4686

CVE-2023-4686 affects the WordPress WP Customer Reviews plugin up to and including version 3.6.6. The vulnerability, exposed by the ajax_enabled_posts function, allows authenticated users to retrieve sensitive data (post titles and slugs) including protected/trashed posts and other post types (e....

4.3CVSS4.8AI score0.00524EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/31 12:0 a.m.17 views

WordPress WP Customer Reviews Plugin <= 3.6.6 is vulnerable to Sensitive Data Exposure

Software WP Customer Reviews Type Plugin Vulnerable versions = 3.6.6 Fixed in 3.6.7 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-4686 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07af2f4a4fb5 Credits Marco Wotschka Required...

4.3CVSS6.5AI score0.00524EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder