VDB
BIT-wordpress-2023-39999
BIT-wordpress-2023-39999
PUBLISHED
CVSS 4.300000190734863 MEDIUM
WordPress < 6.3.2 is vulnerable to Broken Access Control
Risk Scores
CVSS v3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | wordpress | 4.1.0, 4.2.0, 4.3.0 |
Timeline
- Mar 6, 2024 CVE Published
- May 20, 2025 CVE Updated
References
- https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EVFT4DPZRFTXJPEPADM22BZVIUD2P66/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCCVDPKOK57WCTH2QJ5DJM3B53RJNZKA/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQBL4ZQCBFNQ76XHM5257CIBFQRGT5QY/ url
- https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve url
- https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve url
- https://nvd.nist.gov/vuln/detail/CVE-2023-39999 url