CVE-2023-5003
Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Unknown · Active Directory Integration / LDAP IntegrationQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →