CVE-2023-52126 – WordPress Send Users Email Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure

https://notcve.org/view.php?id=CVE-2023-52126

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Suman Bhattarai Send Users Email.This issue affects Send Users Email: from n/a through 1.4.3. Vulnerabilidad de exposición de información confidencial a un actor no autorizado en Suman Bhattarai Send Users Email. Este problema afecta a Send Users Email: desde n/a hasta 1.4.3. The Send Users Email plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.3 via the plugin's error logs. This makes it possible for unauthenticated attackers to extract sensitive data about the plugin and site configuration. • https://patchstack.com/database/vulnerability/send-users-email/wordpress-send-users-email-plugin-1-4-3-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •