Description Authenticated users were able to enumerate other users' names via the learning plans page. Remediation References CVE-2023-28334 Related Vulnerabilities WordPress Plugin File Uploader Arbitrary File Upload (1.1) Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458) MySQL CVE-2015-4815 Vulnerability (CVE-2015-4815) WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33) WordPress Plugin RSS Includes Pages Unspecified Vulnerability (3.1) Severity Medium Classification CVE-2023-28334 CWE-639 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities