Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-0812

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure.

Published

2023-05-15T13:15:10.140

Last Modified

2025-01-24T21:15:09.337

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	miniorange	active_directory_integration_\/_ldap_integration	< 4.1.1	Yes

References

https://wpscan.com/vulnerability/0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107 Exploit ([email protected])
https://wpscan.com/vulnerability/0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107 Exploit (af854a3a-2127-422b-91ae-364da2661108)