CVE-2022-1412
N/A
N/A
Summary
The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Log WP_Mail | 0 <= 0.1 | affected |
Weaknesses
- CWE-732 Incorrect Permission Assignment for Critical Resource
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.