CVE-2023-6444

MEDIUM NUCLEI

Seriously Simple Podcasting <3.0.0 - Info Disclosure

Title source: llm

Description

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request.

Exploits (1)

nomisec WORKING POC

by Wayne-Ker · poc

https://github.com/Wayne-Ker/CVE-2023-6444-POC

View Code ZIP pw:eip

Nuclei Templates (1)

Seriously Simple Podcasting < 3.0.0 - Information Disclosure

MEDIUMVERIFIEDby s4e-io

References (1)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c2b4aa/

Scores

CVSS v3 5.3

EPSS 0.6136

EPSS Percentile 98.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published

Products (1)

castos/seriously_simple_podcasting < 3.0.0

Published Mar 11, 2024

Tracked Since Feb 18, 2026