Podatność CVE-2023-5003


Publikacja: 2023-10-16

Opis:
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.

Typ:

CWE-538

(File and Directory Information Exposure)

 Referencje:
https://wpscan.com/vulnerability/91f4e500-71f3-4ef6-9cc7-24a7c12a5748

Copyright 2024, cxsecurity.com

 

Back to Top