CVE-2023-39999

Summary

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

Affected Software

VendorProductVersion RangeStatus
WordPress.orgWordPress6.3 <= 6.3.1affected
WordPress.orgWordPress6.2 <= 6.2.2affected
WordPress.orgWordPress6.1 <= 6.13affected
WordPress.orgWordPress6.0 <= 6.0.5affected
WordPress.orgWordPress5.9 <= 5.9.7affected
WordPress.orgWordPress5.8 <= 5.8.7affected
WordPress.orgWordPress5.7 <= 5.7.9affected
WordPress.orgWordPress5.6 <= 5.6.11affected
WordPress.orgWordPress5.5 <= 5.5.12affected
WordPress.orgWordPress5.4 <= 5.4.13affected
WordPress.orgWordPress5.3 <= 5.3.15affected
WordPress.orgWordPress5.2 <= 5.2.18affected
WordPress.orgWordPress5.1 <= 5.1.16affected
WordPress.orgWordPress5.0 <= 5.0.19affected
WordPress.orgWordPress4.9 <= 4.9.23affected
WordPress.orgWordPress4.8 <= 4.8.22affected
WordPress.orgWordPress4.7 <= 4.7.26affected
WordPress.orgWordPress4.6 <= 4.6.26affected
WordPress.orgWordPress4.5 <= 4.5.29affected
WordPress.orgWordPress4.4 <= 4.4.30affected
WordPress.orgWordPress4.3 <= 4.3.31affected
WordPress.orgWordPress4.2 <= 4.2.35affected
WordPress.orgWordPress4.1 <= 4.1.38affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References