Simple Social Buttons < 5.1.1 - Unauthenticated Password Protected Post Access
CVE-2023-5845

5.3MEDIUM

Key Information:

Vendor: Wordpress
Status: Simple Social Media Share Buttons
Vendor: CVE Published:; 27 November 2023

What is CVE-2023-5845?

The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags

Affected Version(s)

Simple Social Media Share Buttons 0 < 5.1.1

References

https://wpscan.com/vulnerability/d5b59e9e-85e5-4d26-aebe-...

exploitvdb-entrytechnical-description

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 27, 2023
Vulnerability Reserved
Oct 30, 2023

Credit

Krzysztof Zając (CERT PL)

WPScan

Wordpress

What is CVE-2023-5845?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit