CVE-2023-7014

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 5, 2024

Updated: Feb 15, 2024

CWE ID 668

Summary

CVE-2023-7014 is a vulnerability affecting the Molongui plugin for WordPress versions up to 4.7.4. This issue permits unauthenticated attackers to extract sensitive information, specifically post author emails and names, through the 'ma_debu' parameter in the Author Box and Guest Author modules. This exposure of sensitive data poses a significant risk to WordPress websites using the affected plugin version.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t3uiVf
https://www.cve.org/CVERecord?id=CVE-2023-7014
https://nvd.nist.gov/vuln/detail/CVE-2023-7014

Back to Vulnerability Database

CVE-2023-7014

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations