Description
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.
References
https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f
ExploitThird Party Advisory
Weaknesses
Could not find any weaknesses
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-08-14T20:15:11.827
1 year agoLast modified
2023-11-07T04:19:07.190
11 months ago