4 matches found
WordPress Active Directory Integration / LDAP Integration Plugin < 4.1.10 is vulnerable to Sensitive Data Exposure
Software Active Directory Integration / LDAP Integration Type Plugin Vulnerable versions 4.1.10 Fixed in 4.1.10 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-5003 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSI...
CVE-2023-5003
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
CVE-2023-5003 Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
CVE-2023-5003
Summary: CVE-2023-5003 affects the Active Directory Integration / LDAP Integration WordPress plugin (pre-4.1.10). The issue cores in storing sensitive LDAP logs in a buffer file created when an administrator exports logs; the buffer file is not removed and can be accessed by anyone who knows the ...