CVE-2023-5561

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html
https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/	Exploit Third Party Advisory
https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress::::::::

History

No history.

Information

Published : 2023-10-16 20:15

Updated : 2023-11-20 23:15

NVD link : CVE-2023-5561

Mitre link : CVE-2023-5561

CVE.ORG link : CVE-2023-5561

JSON object : View

Products Affected

wordpress

wordpress

CWE

NVD-CWE-noinfo

{"id": "CVE-2023-5561", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2023-10-16T20:15:18.073", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html", "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441", "tags": ["Third Party Advisory"], "source": "contact@wpscan.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack"}, {"lang": "es", "value": "El complemento Popup Builder de WordPress hasta la versi\u00f3n 4.1.15 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting almacenados incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."}], "lastModified": "2023-11-20T23:15:06.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2F659EB-27E2-4149-883B-341A0DD80EB0", "versionEndExcluding": "4.7.27", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C14B71C7-DD47-4900-8F84-8F7A594E555B", "versionEndExcluding": "4.8.23", "versionStartIncluding": "4.8"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C274BA0-BBD2-45EC-82EC-CFE0BA0AED0F", "versionEndExcluding": "4.9.24", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A923BA69-D672-4133-82EF-AFDDA5DD12DA", "versionEndExcluding": "5.0.20", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E55DF-A05B-4420-B63B-0D1BEFB180EA", "versionEndExcluding": "5.1.17", "versionStartIncluding": "5.1"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC188A6D-DBA2-48CA-B6E2-EBA859AE9FEF", "versionEndExcluding": "5.2.19", "versionStartIncluding": "5.2"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68F28900-3DC1-45F3-9B62-3347F14ADAB0", "versionEndExcluding": "5.3.16", "versionStartIncluding": "5.3"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5470536-6271-4D35-AB38-55DAEEC87980", "versionEndExcluding": "5.4.14", "versionStartIncluding": "5.4"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "274301F3-C6E4-40DF-90D4-3F597F715150", "versionEndExcluding": "5.5.13", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF1391A3-84EA-469F-AB2A-B6A6AB84703C", "versionEndExcluding": "5.6.12", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDF17959-9854-47FE-87D2-1DEE39B9F460", "versionEndExcluding": "5.7.10", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE3F0CA8-9EAD-456A-A79E-D02473FF6075", "versionEndExcluding": "5.8.8", "versionStartIncluding": "5.8"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "358A2584-34C0-4E5A-BA24-855FD2092E71", "versionEndExcluding": "5.9.8", "versionStartIncluding": "5.9"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C359F62-24DD-4684-9806-7FBB3F5C10FC", "versionEndExcluding": "6.0.6", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "680CD6CE-8815-44F8-9689-4B2155041E19", "versionEndExcluding": "6.1.4", "versionStartIncluding": "6.1"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C10ED637-5054-4830-BE95-6F2F1194CCD2", "versionEndExcluding": "6.2.3", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4ED48F8A-D2AC-45FE-9B5F-231A0666A897", "versionEndExcluding": "6.3.2", "versionStartIncluding": "6.3"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}