CVE-2022-4346

The All-In-One Security (AIOS) WordPress plugin before 5.1.3 leaked settings of the plugin publicly, including the used email address.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
WPScanCNA
---
---
CVEADP
---
---
CISA-ADPADP
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
updraftplusall-in-one_security
𝑥
< 5.1.3
𝑥
= Vulnerable software versions
References
https://wpscan.com/vulnerability/cc05f760-983d-4dc1-afbb-6b4965aa8abe
https://wpscan.com/vulnerability/cc05f760-983d-4dc1-afbb-6b4965aa8abe