Description

The plugin does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.
1. Create a new Post as a Contributor user.
2. Add the “Simple Author Box” block.
3. Intercept the request to /wp-admin/admin-ajax.php upon addition of the block. Change the author_ID parameter to an ID of a user of your choosing.
4. Inspect the response to see all of the information about that user, including the hashed password.
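
One way to close the gap described above, as an added example that is not the plugin's own code or its actual patch: a hypothetical admin-ajax handler that authorises the requested author_ID and returns only allow-listed fields. The action and nonce name `sab_example_author_box` and the `nonce` field are assumptions; only the `author_ID` parameter comes from the advisory.

```php
<?php
// Added example: hypothetical handler, not the plugin's code.
// 'sab_example_author_box' (action and nonce action) is an assumed name.
add_action( 'wp_ajax_sab_example_author_box', 'sab_example_author_box' );

function sab_example_author_box() {
    // 1. Reject requests without the nonce issued to the editor screen.
    check_ajax_referer( 'sab_example_author_box', 'nonce' );

    // 2. Normalise the client-supplied ID (parameter name from the advisory).
    $author_id = ( isset( $_POST['author_ID'] ) && is_scalar( $_POST['author_ID'] ) )
        ? absint( wp_unslash( $_POST['author_ID'] ) )
        : 0;
    if ( 0 === $author_id ) {
        wp_send_json_error( array( 'message' => 'Invalid author.' ), 400 );
    }

    // 3. Authorise the lookup. The 'edit_user' meta capability passes for the
    //    caller's own ID; any other ID requires the edit_users capability,
    //    which a Contributor does not have.
    if ( ! current_user_can( 'edit_user', $author_id ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }

    $user = get_userdata( $author_id );
    if ( ! $user ) {
        wp_send_json_error( array( 'message' => 'Unknown author.' ), 404 );
    }

    // 4. Build the response from an allow-list. Never serialise the WP_User
    //    object itself: its data includes user_pass and user_email.
    wp_send_json_success(
        array(
            'id'           => $user->ID,
            'display_name' => $user->display_name,
            'description'  => $user->description,
            'url'          => $user->user_url,
            'avatar'       => get_avatar_url( $user->ID ),
        )
    );
}
```

The allow-list in step 4 bounds the damage even if the authorisation rule in step 3 is later relaxed, since the password hash is never part of the response.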
CPE

| Name | Operator | Version |
|---|---|---|
| simple-author-box | eq | 2.52 |