CVE-2023-6444
Seriously Simple Podcasting < 3.0.0 - Unauthenticated Administrator Email Disclosure
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 5.3EPSS 2.5%KEV nãoPoC —Nuclei simMetasploit —Patch —
Ciclo de vida
11 mar 2024Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Unknown · Seriously Simple Podcasting¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →