CVE-2023-46820
WordPress Image Regenerate & Select Crop Plugin <= 7.3.0 is vulnerable to Sensitive Data Exposure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Iulia Cazan Image Regenerate & Select Crop.This issue affects Image Regenerate & Select Crop: from n/a through 7.3.0.
Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Iulia Cazan Image Regenerate & Select Crop. Este problema afecta a Image Regenerate & Select Crop: desde n/a hasta 7.3.0.
The Image Regenerate & Select Crop plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.3.0 via the log file directory. This can allow unauthenticated attackers to extract sensitive data if directory indexing is enabled or if they are able to determine the log file format and bruteforce potential log filenames.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-10-09 CVE Published
- 2023-10-27 CVE Reserved
- 2024-10-01 CVE Updated
- 2024-10-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Iuliacazan Search vendor "Iuliacazan" | Image Regenerate \& Select Crop Search vendor "Iuliacazan" for product "Image Regenerate \& Select Crop" | <= 7.3.0 Search vendor "Iuliacazan" for product "Image Regenerate \& Select Crop" and version " <= 7.3.0" | wordpress |
Affected
| ||||||