Security Advisory

CVE-2023-3601

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-14 19:10:21

Last updated 2025-05-05 15:54:29

Assigner WPScan

State PUBLISHED

Description

The Simple Author Box WordPress plugin before 2.52 does not verify a user ID before outputting information about that user, leading to arbitrary user information disclosure to users with a role as low as Contributor.

← Browse all CVEs View on cve.org ↗