CVE-2023-3601
CVSS 3.1 Score 7.4 of 10 (high)
Details
Published Aug 14, 2023
Updated: Nov 7, 2023
CWE ID 73
Summary
CVE-2023-3601 is a vulnerability affecting the Simple Author Box plugin for WordPress before version 2.52. This issue permits users with a Contributor role to disclose arbitrary user information due to the plugin's failure to validate user IDs before displaying related information. This oversight could potentially expose sensitive data, compromising the security of WordPress sites using the vulnerable plugin. Users are advised to update the plugin to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share