Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community
CVE-2023-27630

5.3MEDIUM

Key Information:

Vendor: WordPress
Status: Community By Peepso
Vendor: CVE Published:; 26 March 2024

Summary

The PeepSo Community plugin is affected by a vulnerability that allows unauthorized actors to access sensitive information. This exposure may lead to potential misuse of data and poses risks to user privacy. The vulnerability affects versions from n/a up to 6.0.9.0, emphasizing the importance of updating and securing installations of the Community by PeepSo plugin to mitigate risks associated with unauthorized information access.

Affected Version(s)

Community by PeepSo <= 6.0.9.0

References

https://patchstack.com/database/vulnerability/peepso-core...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 26, 2024
Vulnerability Reserved
Mar 5, 2023

Credit

Dave Jong (Patchstack)