CVE-2023-6444

Published: Mar 11, 2024Modified: May 1, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request.

Affected (1)

Products: Castos: Seriously Simple Podcasting

Castos

1 product

Seriously Simple Podcasting

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Castos Seriously Simple Podcasting	Before 3.0.0

References (2)

https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c2b4aa/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c2b4aa/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.