WordPress wpDiscuz plugin <= 7.3.11 - Sensitive Information Disclosure
CVE-2022-23984

3.7LOW

Key Information:

Vendor: Wordpress
Status: Comments – WPdiscuz (WordPress Plugin)
Vendor: CVE Published:; 21 February 2022

Summary

Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).

Affected Version(s)

Comments – wpDiscuz (WordPress plugin) <= 7.3.11 <= 7.3.11

References

https://wordpress.org/plugins/wpdiscuz/#developers

x_refsource_CONFIRM

https://patchstack.com/database/vulnerability/wpdiscuz/wo...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2022
Vulnerability Reserved
Jan 26, 2022

Credit

Vulnerability discovered by Muhammad Daffa (Patchstack Red Team)

.