3 matches found
CVE-2023-4917
The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.7 via the 'leykaajaxgetenvandoptions' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including Sberbank API...
CVE-2023-4917
CVE-2023-4917 (Leyka WordPress plugin) affects Leyka versions
WordPress Leyka Plugin <= 3.30.7 is vulnerable to Sensitive Data Exposure
Software Leyka Type Plugin Vulnerable versions = 3.30.7 Fixed in 3.30.7.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-4917 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a132ae587b9f Credits Lana Codes Required privilege...