Lucene search
DmitriyWPEX-ID:C0CC513E-C306-4920-9AFB-E33D95A7292FHistoryJul 24, 2023 - 12:00 a.m.
Simple Author Box < 2.52 - Contributor+ Arbitrary User Information Disclosure via IDOR
2023-07-2400:00:00
Dmitriy
47
wordpress
security
informationdisclosure
idor
vulnerability
Description The plugin does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.
1. Create a new Post as a Contributor user.
2. Add the "Simple Author Box" block.
3. Intercept the request to `/wp-admin/admin-ajax.php` upon addition of the block. Change the `author_ID` parameter to an ID of a user of your choosing.
4. Inspect the response to see all of the information about that user, including the hashed password.Related
wpvulndb
wpvulndb
prion
prion
Information disclosure
2023-08-14 20:15:00
nvd
nvd
CVE-2023-3601
2023-08-14 20:15:11
cve
cve
CVE-2023-3601
2023-08-14 20:15:11
cvelist
cvelist
wordfence
wordfence
4.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Related for WPEX-ID:C0CC513E-C306-4920-9AFB-E33D95A7292F