CVE-2023-6962

MEDIUM5.3

WP Meta SEO <= 4.5.12 - Information Exposure via Meta Description

Published May 2, 2024

Modified 2 weeks ago

Details

The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts.

References

WEB

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3071453%40wp-meta-seo%2Ftrunk&old=3068145%40wp-meta-seo%2Ftrunk&sfp_email=&sfph_mail=

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2023-6962

WEB

https://www.wordfence.com/threat-intel/vulnerabilities/id/0323b54b-c15b-4d2d-9e8f-3df87c84dd49?source=cve

CVSS Analysis

CVSS v3.1

5.3

Exploitability

Attack Vector