CVE-2023-39999

MEDIUM

WordPress 4.1-6.3.1 - Exposure of Sensitive Information to an Unauthorized Actor

Title source: llm
STIX 2.1

Description

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

References (6)

Core 6
Core References

Scores

CVSS v3 4.3
EPSS 0.0101
EPSS Percentile 77.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (26)
fedoraproject/fedora 37
fedoraproject/fedora 38
wordpress/wordpress 4.1 - 4.1.38
WordPress.org/WordPress 4.1 - 4.1.38
WordPress.org/WordPress 4.2 - 4.2.35
WordPress.org/WordPress 4.3 - 4.3.31
WordPress.org/WordPress 4.4 - 4.4.30
WordPress.org/WordPress 4.5 - 4.5.29
WordPress.org/WordPress 4.6 - 4.6.26
WordPress.org/WordPress 4.7 - 4.7.26
... and 16 more
Published Oct 13, 2023
Tracked Since Feb 18, 2026