Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/10/17 12:0 a.m.14 views

WordPress Active Directory Integration / LDAP Integration Plugin < 4.1.10 is vulnerable to Sensitive Data Exposure

Software Active Directory Integration / LDAP Integration Type Plugin Vulnerable versions 4.1.10 Fixed in 4.1.10 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-5003 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSI...

7.5CVSS6.5AI score0.25855EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2023/10/16 8:15 p.m.51 views

CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

7.5CVSS7.6AI score0.25855EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/16 7:39 p.m.43 views

CVE-2023-5003 Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

7.8AI score0.25855EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 7:39 p.m.75 views

CVE-2023-5003

Summary: CVE-2023-5003 affects the Active Directory Integration / LDAP Integration WordPress plugin (pre-4.1.10). The issue cores in storing sensitive LDAP logs in a buffer file created when an administrator exports logs; the buffer file is not removed and can be accessed by anyone who knows the ...

7.5CVSS7.5AI score0.25855EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder