CVE-2023-6444

Summary

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request.

Affected Software

VendorProductVersion RangeStatus
UnknownSeriously Simple Podcasting0 < 3.0.0affected

Weaknesses

  • CWE-201 Insertion of Sensitive Information Into Sent Data

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References