CVE-2023-6250

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 26, 2023

Updated: Jan 2, 2024

CWE ID 312

Summary

CVE-2023-6250 is a vulnerability affecting the Like & Share WordPress plugin developed by BestWebSoft. Before version 2.74, this plugin inadvertently disclosed the content of password-protected posts to unauthenticated users through a meta tag. This issue poses a significant security risk, as unauthorized individuals could gain access to protected information without proper authorization. WordPress users are strongly advised to update the plugin to the latest version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/thBiOF
https://www.cve.org/CVERecord?id=CVE-2023-6250
https://nvd.nist.gov/vuln/detail/CVE-2023-6250

Back to Vulnerability Database

CVE-2023-6250

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations