Description
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Remediation
References
Related Vulnerabilities
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-20412)
OpenSSL Cryptographic Issues Vulnerability (CVE-2012-0884)
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.72)
Oracle Application Server Other Vulnerability (CVE-2002-0564)