GHSA-x7w6-3cp2-qjcv — Vulnetix

GHSA-x7w6-3cp2-qjcv PUBLISHED

Exploit Intelligence

Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 (github-poc-repo)
Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 (github-poc-repo)
CVE-2023-5561-PoC (github-poc-repo)
CVE-2023-5561-PoC (github-poc-repo)
CVE-2023-5561-PoC (github-poc)
CVE-2023-5561-PoC (github-poc)
Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 (github-poc)
Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 (github-poc)
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack (github-poc)
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack (github-poc)

…and 2 more exploits

Timeline

CVE Published
Apr 10, 2026 Security Advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›