Vulnerability CVE-2023-3601


Published: 2023-08-14

Description:
The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.

Type:

CWE-639

(Authorization Bypass Through User-Controlled Key)

 References:
https://wpscan.com/vulnerability/c0cc513e-c306-4920-9afb-e33d95a7292f

Copyright 2026, cxsecurity.com

 

Back to Top