Vulnerabilities > CVE-2023-7014 - Exposure of Resource to Wrong Sphere vulnerability in Amitzy Molongui Authorship
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including post author emails and names if applicable.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://plugins.trac.wordpress.org/changeset/3019084/
- https://plugins.trac.wordpress.org/changeset/3019084/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/538e9ce3-2d48-44ad-bd08-8eead3ef15c3?source=cve
- https://www.wordfence.com/threat-intel/vulnerabilities/id/538e9ce3-2d48-44ad-bd08-8eead3ef15c3?source=cve