Description
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Remediation
References
Related Vulnerabilities
WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.6)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)
WordPress Plugin Church Admin Arbitrary File Upload (1.2530)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4390)